Large or small, enterprises from all sectors are dealing with the same vulnerabilities in open source code. The difference: the scale of the problem. DJ Schleen of Sonatype discusses insights from the latest ISMG roundtable dinner.
As part of a multi-city tour, ISMG and Sonatype visited Atlanta recently for an engaging discussion on how to mitigate risks introduced by open source code. Here's a conversation with DevOps advocate Derek Weeks.
How can organizations overcome resistance to implementing DevSecOps? Johnathan Nicholson, former CISO at Interac, the Canadian interbank network, provides insights.
Code reuse kills - software quality, that is, according to a new study of C++ code snippets shared on Stack Overflow that were reused in more than 2,800 GitHub projects. But there's help for organizations that want to support their developers' urge to cut and paste prewritten code snippets.
Moving your network to the cloud offers many security benefits, cost savings and business agility. However, understanding risks within cloud networks can be a major challenge for security teams too often on the sidelines of cloud deployments and devops processes.
In this webinar, Skybox® Security Threat...
Moving your network to the cloud offers many security benefits, cost savings and business agility. However, understanding risks within cloud networks can be a major challenge for security teams too often on the sidelines of cloud deployments and devops processes.
In this webinar, Skybox® Security Threat...
DevOps is a cultural movement that was started in order to remove silos and enhance how teams collaborate and the role people, process and tech plays in this space. But now we are in the era of DevSecOps, which inserts cybersecurity smack in the middle of this culture - and natural tensions emerge. In this exclusive...
With a growing need for IT infrastructure monitoring, metrics have emerged as a way to gain insight to the trends and problems within your IT environment, especially when it comes to performance monitoring. Collectd is an open source daemon that collects system and application performance metrics. With this data,...
IT monitoring technology is moving forward rapidly, thanks in large part to machine learning and predictive analytics. If you're still getting by with a legacy IT solution, you're missing out on a lot more than a shiny object. The benefits of a New IT approach are being proven every day.
Download this whitepaper...
Since at least 2016, hacked websites have targeted zero-day flaws in current versions of Apple iOS to surreptitiously implant data-stealing and location-tracking malware, says Google's Project Zero team. Apple patched the latest vulnerabilities in February.
Incidents involving supply chain vendors pose increasingly significant risks to health data, says Rick McElroy of Carbon Black, who addresses "island hopping" and other emerging threats.
With attackers continuing to hammer weaknesses in software, organizations must prioritize application security more than ever, says Ian Ashworth of Synopsys. Thankfully, developers and middle management - bolstered by agile methodologies and DevOps - are increasingly leading the charge.
Since Sentara Healthcare adopted a DevSecOps approach, CISO Daniel Bowden says, his security team has gained improved visibility into the entire application development process.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing careersinfosecurity.co.uk, you agree to our use of cookies.
