New & Notable
Secure software development News
May 06, 2020
In in effort to curb accidental data exposures in repositories, GitHub unveiled a new 'secret' scanning tool that examines public and private code repositories for sensitive data.
April 16, 2020
Private equity firm TPG Capital combined three acquisitions -- CollabNet VersionOne, XebiaLabs and Arxan Technologies -- to create the new DevSecOps-focused vendor.
August 07, 2019
In the keynote for Black Hat 2019, Square's Dino Dai Zovi emphasizes security as a collaborative effort by all software teams that relies on communication, automation and feedback.
October 22, 2018
A zero-day in jQuery File Upload could affect thousands of projects because the jQuery plugin vulnerability has existed for eight years and actively exploited for at least three years.
Secure software development Get Started
Bring yourself up to speed with our introductory content
Like any framework, Spring Security requires writing less code to implement the desired functionality. Learn how to implement the Spring Security architecture in this book excerpt. Continue Reading
Organizations shouldn't keep DevOps and security siloed. Bring them together as DevSecOps, ensuring security is built into applications earlier and with less of a struggle. Continue Reading
In this excerpt from Ric Messier's book, learn why software security testing and stress testing are critical components of an enterprise infosec program. Continue Reading
Evaluate Secure software development Vendors & Products
Weigh the pros and cons of technologies, products and projects you are considering.
Security must be part of IT from the start and then continue through the entire product lifecycle -- design, build, release and maintenance. Consumers now demand it. Continue Reading
Containers have revolutionized app development but pose many security challenges. Uncover how container vulnerability scanning can help and why to consider open source tools. Continue Reading
The Spring Security framework is a reliable way for Java developers to secure applications. However, proper implementation is critical to prevent the most common vulnerabilities. Continue Reading
Manage Secure software development
Learn to apply best practices and optimize your operations.
A successful DevSecOps rollout requires software developers to be equipped with the proper security skills and tools. Learn how to transition smoothly from DevOps to DevSecOps. Continue Reading
The T in IoT doesn't stand for trust, but it's a critical component of any IoT deployment. Follow the AEIOU vowel framework for an actionable blueprint of building trust in IoT. Continue Reading
In microservices and service mesh environments, communications don't follow static paths. As such, security teams must update their application threat modeling methods. Continue Reading
Problem Solve Secure software development Issues
We’ve gathered up expert advice and tips from professionals like you so that the answers you need are always available.
Codebase updates are critical, but what about when they introduce vulnerabilities? These three steps will help app developers secure codebase updates and keep their apps safe. Continue Reading
Using design principles with built-in security, along with properly defining exceptions, can help developers not only build safe code, but do so while meeting deadlines. Continue Reading
Making software secure by design requires tremendous consideration about how failures are handled. Learn more from these exception handling examples. Continue Reading