#vulnerability-management

#software-development
TechRepublic
4 days ago
Information security

Three Quarters of Dependency Vulnerability Patches Lead to Breakages, Report Finds

Patching dependency vulnerabilities leads to breakages in software 75% of the time, revealing significant challenges in managing software dependencies.
ComputerWeekly.com
6 days ago
Information security

JFrog and GitHub unveil open source security integrations | Computer Weekly

JFrog and GitHub's integration aims to improve software security throughout the development cycle, enhancing efficiency and lowering vulnerabilities.
#cybersecurity
Hackernoon
1 year ago
Information security

Opus Security Elevates Vulnerability Management With Its AI-Powered Multi-Layered Engine | HackerNoon

Opus' Advanced Multi-Layered Prioritization Engine enhances vulnerability management with AI-driven prioritization, improving security and operational efficiency.
The Hacker News
3 weeks ago
Information security

Focus on What Matters Most: Exposure Management and Your Attack Surface

Exposure management builds upon attack surface management by continuously evaluating digital asset vulnerabilities, user identities, and cloud configurations.
The Hacker News
3 weeks ago
Information security

The Facts About Continuous Penetration Testing and Why It's Important

CASPT is an ongoing process providing real-time security assessment to identify and mitigate vulnerabilities in an organization.
It enables organizations to stay ahead of attackers by continuously evaluating their security posture.
Developer Tech News
4 months ago
Information security

CISA sounds alarm on critical GitLab flaw under active exploit

Organizations should promptly apply security updates in response to active exploitation attempts.
New Relic
5 months ago
Information security

Identify vulnerabilities across application environments

Securing application environments is essential for operational security, compliance, and customer trust, requiring identification and mitigation of vulnerabilities through detailed understanding and effective strategies.
New Relic
6 months ago
DevOps

Observability for continuous vulnerability assessment and remediation

Observability is crucial for cybersecurity strategies, offering a proactive approach to identifying and addressing vulnerabilities.
Observability provides a comprehensive view of an organization's digital environment, enabling continuous assessment and timely remediation of security challenges.
#security-operations
The Hacker News
2 weeks ago
Information security

CTEM in the Spotlight: How Gartner's New Categories Help to Manage Exposures

Gartner's 2024 Hype Cycle emphasizes CTEM's role in managing security exposures effectively.
CyberScoop
9 months ago
Information security

Cyber threats change daily. Have your endpoint and vulnerability management capabilities kept pace?

Endpoint and vulnerability management capabilities need to keep pace with daily changing cyber threats.
Lessons from the SolarWinds hack highlight the importance of EDR and vulnerability identification and remediation.
Generating a Software Bill of Materials is critical for security operations.
ITPro
3 weeks ago
Information security

The top API risks of 2024 and how to mitigate them

APIs are vital in digital interactions but pose severe security risks if not properly managed.
Lightbend
1 month ago
Scala

Not all CVE fixes are created equal | @lightbend

Companies rely on external software platforms, but this introduces risks that need to be managed effectively.
#devsecops
DevOps.com
1 month ago
Information security

Backslash Security Adds Simulation and Generative AI Tools to DevSecOps Platform - DevOps.com

Backslash Security adds upgrade simulation & LLM usage for DevSecOps teams, enhancing application security posture management.
DevOps.com
5 months ago
Software development

From Chaos to Clarity: Streamlining DevSecOps in the Digital Era - DevOps.com

The mix of security tools in DevSecOps can create discord due to redundant alerts and lack of context.
Prioritizing vulnerability backlog based on impact is crucial for improving security posture.
#software-supply-chain
DevOps.com
3 months ago
Information security

Lineaje Adds Module to Manage Open Source Software Security Lifecycle - DevOps.com

Lineaje's Open Source Manager (OSM) with AI helps prioritize remediation efforts for DevOps teams.
DevOps.com
7 months ago
Information security

Cycode Discloses GitHub Actions Vulnerability in Google Bazel Project - DevOps.com

Researchers discovered a command injection vulnerability in GitHub Actions used to update the Bazel project.
The vulnerability could have allowed the insertion of malicious code into the codebase managed by Google.
Theregister
4 months ago
Information security

68 tech companies sign CISA's secure by design pledge

Tech giants sign CISA's Secure by Design pledge to enhance product security by committing to specific actions within a year.
Amazic
6 months ago
Information security

5 security challenges in containerized runtime environments and how to overcome them - Amazic

Containerized environments pose unique security challenges like isolation and multi-tenancy, as well as vulnerability management.
New Relic
7 months ago
Information security

Expert guide to managing code-level vulnerabilities

Code-level vulnerabilities are hidden flaws within a software's source code that can lead to security breaches and data loss.
Identifying and understanding the nature of these vulnerabilities is the first step in managing them.
Python Software Foundation Blog
7 months ago
Software development

Software Bill-of-Materials documents are now available for CPython

The Python Software Foundation has released Software Bill-of-Materials (SBOM) documents for CPython source releases to improve vulnerability management.
SBOMs provide a comprehensive scan for software vulnerabilities and reduce the chances of vulnerabilities being missed by scanners.
DevOps.com
9 months ago
Software development

Vulnerability Management for DevOps Teams: A Practical Guide - DevOps.com

Vulnerability management is a continuous process of identifying, prioritizing, and resolving security vulnerabilities in software systems.
It is important for DevOps teams to incorporate vulnerability management into their practices to ensure the security of their software throughout the development lifecycle.
SecurityWeek
10 months ago
Information security

Application Security Startup Aikido Security Raises €5 Million

Aikido Security has raised €5 million in seed funding.
The Belgium-based startup aims to provide SaaS businesses with an all-in-one platform for application security.
The new investment will help Aikido enhance its platform and expand its international presence.
Securitymagazine
2 months ago
Information security

Understanding the impact of the NIST NVD backlog on MSPs

Budget cuts impact NIST's NVD, leading to a backlog in processing vulnerabilities affecting MSPs.
Theregister
3 months ago
Information security

Microsoft fixes hack-me-via-Wi-Fi Windows security hole

Patch Tuesday updates include 49 CVE-tagged flaws, critical vulnerability in wireless networking, and publicly disclosed bug in DNSSEC.