Tag: vulnerabilities
Sonar Details OpenAPI Generator Flaw That Creates Source Code Vulnerability
Sonar, a provider of code scanning tools, revealed this week that it has discovered a flaw in a widely used tool for generating application programming interfaces (APIs) that makes it possible for ...
Sonatype Report Surfaces Software Supply Chain Security Challenges
Sonatype today during a virtual All-Day DevOps (ADD) event shared the results of a report that finds there has been a 156% increase in the number of malicious open source packages year-over-year, ...
Sonar Adds AI Tools to Identify Issues and Fix Code Created by Machines and Humans
Sonar, in addition to adding generative artificial intelligence (AI) capabilities to its core platform for remediating vulnerabilities, also unveiled a tool that identifies vulnerabilities in code generated by artificial intelligence (AI) platforms ...
JFrog Extends GitHub Alliance to Provide Unified Dashboard
JFrog and GitHub today extended their alliance to provide a unified dashboard that makes it simpler to track and prioritize vulnerabilities from source code to the binaries that are ultimately deployed ...
Report Surfaces Thousands of Potential Vulnerabilities in GitHub Workflows
An analysis of 2.5 million GitHub Actions workflow files belonging to 553,000 organizations and personal users surfaces thousands of potential vulnerabilities ...
Ensuring Application Security from Design to Operation with DevSecOps
Safe development is critical for any company that creates software, whether for its own use or for others. DevSecOps principles focus on automating information security processes and introducing security measures early in ...
Datadog DevSecOps Report Shines Spotlight on Java Security Issues
Datadog today published a State of DevSecOps report that finds 90% of Java services running in a production environment are vulnerable to one or more critical or high severity vulnerabilities introduced by ...
Survey Sees Limited DevSecOps Progress Being Made as Vulnerabilities Mount
A recent survey found that, on average, organizations have 55.5 security vulnerabilities each day in their remediation queue, with at least one critical ...
Cycode Brings Generative AI to App Security Posture Management
Cycode's generative AI capabilities in its ASPM platform make it simpler for DevSecOps teams to identify the root cause of vulnerabilities ...
Veracode Report Shines Spotlight on Massive Application Security Debt
In an analysis of more than a million applications, Veracode found 42% contained flaws that remained unfixed for longer than a year ...
Squaring the Circle: How to Make Public APIs Private
Many API attacks are effectively zero-day, novel attacks that exploit recent and unique changes to specific APIs. Here's how to stop them ...
Lineaje Allies With Persistent Systems on Open Source Software Remediation Service
Lineaje and Persistent Systems are providing a managed service for remediating open source vulnerabilities that leverages AI technologies ...