#software-security

Nextgov.com
1 month ago
Software development

How to fix the military's software SNAFU

Software industry must address security vulnerabilities for military use.
Embracing secure software solutions can mitigate risks in military operations.
Python Software Foundation Blog
2 months ago
Software development

Software Bill-of-Materials documents are now available for CPython

The Python Software Foundation has released Software Bill-of-Materials (SBOM) documents for CPython source releases to improve vulnerability management.
SBOMs provide a comprehensive scan for software vulnerabilities and reduce the chances of vulnerabilities being missed by scanners.
IEEE Spectrum
2 months ago
Software development

Why Bloat Is Still Software's Biggest Vulnerability

The way we build and ship software today is leading to bloated code and poor software security.
The current state of software is untenable and many programmers and their managers haven't experienced anything different.
DevOps.com
1 month ago
DevOps

Navigating the Maze of SSDLC Models: A DevOps-Centric Analysis - DevOps.com

Secure SDLC is crucial for software development.
Microsoft's SDL and OWASP SAMM are prominent SSDLC models.
TechRepublic
2 months ago
Information security

White House Recommends Memory-Safe Programming Languages and Security-by-Design

Implement memory-safe programming languages like Python, Java, C#.
Develop and support new metrics for measuring hardware security.
dzone.com
2 months ago
Privacy professionals

Designing for Security - DZone

Security is often overlooked in software application design.
Implementing security changes after the system is in production is costly.
IAPP
3 months ago
EU data protection

EU, US to collaborate on cybersecurity measures

The European Commissioner for Internal Market and the U.S. Secretary of Homeland Security discussed collaboration on cybersecurity measures.
They aim to advance cooperation in critical infrastructure protection, crisis management, software security, post-quantum cryptography, and cybersecurity of artificial intelligence.
The Register
1 month ago
Artificial intelligence

AI bots hallucinate software packages and devs download them

Big businesses incorporated fake package from AI hallucinations, risking widespread installation.
AI-generated package names can potentially be exploited to distribute malicious code by mimicking invented dependencies.