#software-security

[ follow ]
#vulnerabilities
Software development
fromDevOps.com
4 months ago

Black Duck Analysis Surfaces Raft of Open Source Software Vulnerabilities in Code Bases - DevOps.com

A significant majority of commercial codebases contain high-risk open-source vulnerabilities; proactive testing is crucial for software security.
fromIT Pro
1 month ago
Software development

Shifting left might improve software security, but developers are becoming overwhelmed - communication barriers, tool sprawl, and 'vulnerability overload' is causing serious headaches for development teams

Software development
fromDevOps.com
4 months ago

Black Duck Analysis Surfaces Raft of Open Source Software Vulnerabilities in Code Bases - DevOps.com

A significant majority of commercial codebases contain high-risk open-source vulnerabilities; proactive testing is crucial for software security.
fromIT Pro
1 month ago
Software development

Shifting left might improve software security, but developers are becoming overwhelmed - communication barriers, tool sprawl, and 'vulnerability overload' is causing serious headaches for development teams

more#vulnerabilities
#vulnerability-management
DevOps
fromDevOps.com
4 months ago

Endor Labs Extends Microsoft SCA Alliance to GitHub - DevOps.com

Endor Labs and GitHub's partnership enhances software vulnerability management directly within DevOps workflows.
The integration streamlines the discovery and remediation of vulnerabilities in the development process.
DevOps
fromDevOps.com
4 months ago

Endor Labs Extends Microsoft SCA Alliance to GitHub - DevOps.com

Endor Labs and GitHub's partnership enhances software vulnerability management directly within DevOps workflows.
The integration streamlines the discovery and remediation of vulnerabilities in the development process.
more#vulnerability-management
#cybersecurity
fromDevOps.com
1 month ago
Software development

Futurum Group Survey Surfaces DevSecOps Progress on Multiple Fronts - DevOps.com

fromIT Pro
6 days ago
Privacy technologies

Developers face a torrent of malware threats as malicious open source packages surge 188%

fromDevOps.com
3 days ago
Digital life

The Hidden Imperative in the UK's Software Security Code: Provable Readiness - DevOps.com

fromDevOps.com
1 month ago
Software development

Futurum Group Survey Surfaces DevSecOps Progress on Multiple Fronts - DevOps.com

fromIT Pro
6 days ago
Privacy technologies

Developers face a torrent of malware threats as malicious open source packages surge 188%

fromDevOps.com
3 days ago
Digital life

The Hidden Imperative in the UK's Software Security Code: Provable Readiness - DevOps.com

more#cybersecurity
#ai
fromVuejobs
2 weeks ago
DevOps

Intermediate Fullstack Engineer (Ruby/vue.js), Software Supply Chain Security: Pipeline Security at GitLab

fromVuejobs
2 weeks ago
DevOps

Intermediate Fullstack Engineer (Ruby/vue.js), Software Supply Chain Security: Pipeline Security at GitLab

more#ai
fromIT Pro
3 weeks ago

AI-generated code is in vogue: Developers are now packing codebases with automated code - but they're overlooking security and leaving enterprises open to huge risks

Software development teams are shipping faster, with more AI-generated code and AI agent-led updates.
Artificial intelligence
fromHackernoon
2 years ago

Code Smell 300 - Package Hallucination | HackerNoon

A chain is only as strong as its weakest link, and hallucinating dependencies will damage your software supply chain. DO NOT trust blindly on AI generators.
Artificial intelligence
Artificial intelligence
fromIT Pro
2 months ago

Want to supercharge your vibe coding skills? Here are the best AI models developers can use to generate secure code

Vibe coding poses risks as AI-generated code often lacks adequate security measures, leading to vulnerabilities.
Artificial intelligence
fromDevOps.com
2 months ago

AI-Generated Code Packages Can Lead to 'Slopsquatting' Threat - DevOps.com

AI hallucinations can lead to incorrect or made-up package recommendations, posing security risks for software developers.
fromTechRepublic
8 months ago

Software Makers Encouraged to Stop Using C/C++ by 2026

The Product Security Best Practices report emphasizes that software manufacturers should abandon memory-unsafe programming languages, particularly C/C++, to minimize risks associated with national security.
Information security
fromCodeProject
9 months ago

(Non-)Nullable Reference Types

The new feature called 'nullable reference types' makes two mistakes by focusing on non-nullable variables, which have always been part of C#, misleading developers.
JavaScript
[ Load more ]