#software-security

#vulnerabilities
Software development
from DevOps.com
3 months ago

Black Duck Analysis Surfaces Raft of Open Source Software Vulnerabilities in Code Bases - DevOps.com

A significant majority of commercial codebases contain high-risk open-source vulnerabilities; proactive testing is crucial for software security.
from IT Pro
14 hours ago
Software development

Shifting left might improve software security, but developers are becoming overwhelmed - communication barriers, tool sprawl, and 'vulnerability overload' is causing serious headaches for development teams

#cybersecurity
from DevOps.com
2 days ago
Software development

Futurum Group Survey Surfaces DevSecOps Progress on Multiple Fronts - DevOps.com

from Hackernoon
2 years ago

Code Smell 300 - Package Hallucination | HackerNoon

A chain is only as strong as its weakest link, and hallucinated dependencies will damage your software supply chain. DO NOT blindly trust AI generators.
Artificial intelligence
#ai
Artificial intelligence
from IT Pro
1 month ago

Want to supercharge your vibe coding skills? Here are the best AI models developers can use to generate secure code

Vibe coding poses risks as AI-generated code often lacks adequate security measures, leading to vulnerabilities.
Artificial intelligence
from DevOps.com
1 month ago

AI-Generated Code Packages Can Lead to 'Slopsquatting' Threat - DevOps.com

AI hallucinations can lead to incorrect or made-up package recommendations, posing security risks for software developers.
DevOps
from DevOps.com
3 months ago

Endor Labs Extends Microsoft SCA Alliance to GitHub - DevOps.com

Endor Labs and GitHub's partnership enhances software vulnerability management directly within DevOps workflows.
The integration streamlines the discovery and remediation of vulnerabilities in the development process.
from TechRepublic
6 months ago

Software Makers Encouraged to Stop Using C/C++ by 2026

The Product Security Best Practices report emphasizes that software manufacturers should abandon memory-unsafe programming languages, particularly C/C++, to minimize risks associated with national security.
Information security
from CodeProject
8 months ago

(Non-)Nullable Reference Types

The new feature called 'nullable reference types' makes two mistakes by focusing on non-nullable variables, which have always been part of C#, misleading developers.
JavaScript