Security News

The problem is, developers haven't had the most inspiring introduction to security training over the years, and anything that can be done to make their experience more engaging, productive, and fun is going to be a powerful motivator in helping them gain valuable secure coding skills. In a blog post from November 28, 2019, security research group Wisdom reported on a security bug they discovered on GitHub.

Scorecards provides an assessment of open-source packages, which developers can use to judge whether they are safe to introduce into their projects or systems. Introducing unknown code into a software can be risky, which is why Google is introducing a new scorecard system to help developers assess the risk of open-source dependencies before introducing them to their systems.

Ubiq Security announced the launch of its API-based encryption platform for developers. Ubiq has eliminated the traditional complexities of encryption, allowing developers and information security teams - even those without encryption or cryptography expertise - to integrate data encryption directly into applications in minutes, with nothing more than a few lines of code and two API calls.

DataStax announced that enterprises and developers now have the freedom to run any Apache Cassandra workload, anywhere, at global-scale with DataStax Astra on Amazon Web Services, Google Cloud Platform, and Microsoft Azure. Delivering on the mission to connect every developer in the world to the power of Cassandra with the freedom to run their data in any cloud or on any device, DataStax extends the availability of Astra on major cloud platforms.

Okta further extended its Okta Devices Platform Service capabilities to developers through the Okta Devices SDK. Using the Okta Devices SDK, developers can enable passwordless authentication through branded push notifications with biometric capabilities, minimizing friction for end-users and increasing security posture. "This dynamic landscape has placed an extra emphasis on today's modern businesses to be relevant across every device. The Devices SDK takes the customizability and security of the Okta Identity Cloud and puts it in the hands of developers everywhere."

Single sign on provider Okta is opening its platform to third-party developers with a new Okta Devices SDK and an accompanying API that it said will allow developers to "Leverage the power of Okta Verify to build customized, secure, and seamless login experiences for their customers." Announced at Okta Showcase 2020, the new SDK was built for a mobile-first world that Okta said requires organizations to constantly deliver new bespoke and custom-tailored experiences for customers.

DigitalOcean announced DigitalOcean App Platform, a new platform as a service offering that automates infrastructure management so developers can deploy their code to production in just a few clicks. "With millions of businesses started in the cloud each year, developers need a simple, fast and scalable way to ship the apps that power their ideas," said Apurva Joshi, VP of Product, DigitalOcean.

To this effect, cybersecurity researchers on Friday detailed a new methodology to identify exploit authors that use their unique characteristics as a fingerprint to track down other exploits developed by them. "Instead of focusing on an entire malware and hunting for new samples of the malware family or actor, we wanted to offer another perspective and decided to concentrate on these few functions that were written by an exploit developer," Check Point Research's Itay Cohen and Eyal Itkin noted.

Twitter developers are being warned of a security bug that may have exposed their applications' credential information - including sensitive application keys and access tokens. These applications allow Twitter users to incorporate multiple platforms into their Twitter account - for instance, OutTwit, a Windows application, allows users to access Twitter via Outlook.

Twitter developers are being warned of a security bug that may have exposed their applications' credential information - including sensitive application keys and access tokens. These applications allow Twitter users to incorporate multiple platforms into their Twitter account - for instance, OutTwit, a Windows application, allows users to access Twitter via Outlook.