Security News

How to improve relations between developers and security teams and boost application security
2021-09-24 19:43

Chris Wysopal shared a history lesson about the evolution of application security and advice on how to make all apps more secure. Wysopal, who is Veracode's CTO and co-founder shared a short history of his time as an application security researcher, from his time with The L0ft hacker collective to testifying in front of Congress to doing security consulting with Microsoft in the early 2000s.

TrickBot gang developer arrested when trying to leave Korea
2021-09-06 15:24

An alleged Russian developer for the notorious TrickBot malware gang was arrested in South Korea after attempting to leave the country. The TrickBot cybercrime group is responsible for a variety of sophisticated malware targeting Windows and Linux devices to gain access to victim's networks, steal data, and deploy other malware, such as ransomware.

Identity is replacing the password: What software developers and IT pros need to know
2021-08-31 18:52

Identity and access management is pushing application security past single-factor authentication and even multi-factor authentication to a risk management model says Ping Identity CEO. Identity and access management systems are making it easier for software developers to secure their applications, for employees and customers to access the tools and services they need and for companies to protect their systems and data. On a recent episode of Dynamic Developer , I spoke with Andre Durand, Founder and CEO of Ping Identity about how the changing landscape of identity and access management are affecting software development.

Elliptic Labs partners with Maxim Integrated to offer touchless sensing solutions to PC and TV developers
2021-07-27 23:30

Elliptic Labs has announced that it certified the operation of its AI Virtual Smart Sensor Platform with the MAX98396 smart audio amplifier from Maxim Integrated Products. Elliptic Labs and Maxim Integrated are targeting next-generation smart devices to run critical and innovative user experiences, like presence detection and 3D touchless gesture sensing, on Maxim Integrated's audio amplifier technology.

ShiftLeft Educate provides consistent and contextual training for developers of different skill levels
2021-07-19 02:30

ShiftLeft announced general availability of ShiftLeft Educate, a solution that delivers highly-effective security training for developers within the developer workflow. Designed in partnership with Application Security Training platform Kontra, ShiftLeft Educate provides consistent and contextual training for developers of different skill levels, enabling them to quickly learn security best practices and fixes for issues currently in their code.

The rise of the Developer Experience Engineer, and why it matters
2021-07-16 05:00

Engineering teams need a leader, a Developer Experience Engineer, who ensures developers have the right tools, processes, and environment to maximize productivity and create the greatest business value possible. The role of the Developer Experience Engineer becomes ever more important to create efficiencies and shared practices between ambitious and energized teams.

New Zero-Trust API Offers Mobile Carrier Authentication to Developers
2021-07-15 05:43

To help achieve progress on Zero Trust, there is now a new, easy way to implement continuous user verification by connecting directly to the authentication systems used by mobile operators - without the overhead of processing or storing user data. The Zero Trust model of identity verification essentially means never trusting that a returning user is whom they claim to be, regardless of their location or previous successful attempts.

Contrast Security partners with Secure Code Warrior to deliver security training for developers
2021-07-09 23:30

Contrast Security announced its integration with Secure Code Warrior to deliver just-in-time security contextual micro-learning modules to enhance developers' skills to easily fix vulnerabilities without the need of a security team. Recognizing that traditional security training models simply do not scale and provide developers with the just-in-time training demanded by modern software development life cycle, Contrast and Secure Code Warrior have partnered for just-in-time approach that empowers developers to develop secure coding skills while they write and release code.

LoginID SDK empowers developers to integrate FIDO strong authentication into their websites or apps
2021-07-01 01:00

LoginID announced additional SDK options for developers. These SDKs empower developers to integrate FIDO strong authentication into their websites or apps.

New Security Measures Announced for Google Play Developer Accounts
2021-06-29 13:41

Google on Monday announced new security measures for developer accounts on Google Play, meant to ensure that each account is created by a real person. Google Play, which provides access to millions of Android applications and games, has been abused by threat actors for the distribution of malware, and Google is looking for new ways to strengthen the security of both developers and users.