So-called ‘cloud native’ IT architectures are creating new threats for organizations, just as they look to update their technology infrastructure, security researchers have warned. Over half...
Cloud-based source code management (SCM) platforms support integration with self-hosted CI/CD solutions through webhooks, which is great for DevOps automation. However, the benefits can come with security trade-offs....
“Software can’t be the best without being secure.” This is according to Tanya Janca, who warns that businesses will “find themselves behind the security curve, so to...
A security researcher has discovered a way to launch code execution attacks by exploiting the GitHub Pages build process. Joren Vrancken netted a $4,000 reward for...
Global research commissioned by Cohesity reveals that nearly half of respondents say their company depends on outdated, legacy backup and recovery infrastructure to manage and protect their...
GitLab released the results of its annual DevSecOps survey which highlights the continued prioritization of security and compliance, investment in toolchain consolidation, and the ongoing impacts of rapid...
Mezmo published an ESG report which provides insights on DevSecOps adoption, its benefits, and the challenges with implementation. According to the study, only 22% of respondent...
Despite growing awareness of secure coding practices in software companies, developers are struggling to discover and report security issues during code reviews, according to a study...
A tool that aims to “keep the fun in hacking” by simplifying penetration test reports was showcased at Black Hat USA’s Arsenal track yesterday (August...
Security researchers have identified multiple workflows in popular continuous integration and development (CI/CD) service GitHub Actions that are vulnerable to command execution. A research team from...