Security Experts:

long dotted

NEWS & INDUSTRY UPDATES

F5 Networks agreed to acquire Volterra, a Santa Clara, Calif.-based provider of tools that help customers deploy applications and build clouds across multiple cloud providers or their own edge locations. [Read More]
The Silicon Valley company, which automates security across public and private cloud deployments, is now valued north of $1 billion. [Read More]
The business communications platform acknowledged an “incident” causing major disruptions to cybersecurity teams around the world. [Read More]
Application intelligence startup Bionic has emerged from stealth mode with $17 million raised in seed and Series A funding rounds. [Read More]
OpenSSF announces an open source tool designed for evaluating the ability of static analysis security testing (SAST) products to detect vulnerabilities. [Read More]
Apache releases security patch to address remote code execution vulnerability in Struts 2. [Read More]
API security platform provider Salt Security announced has raised $30 million in Series B funding led by Sequoia Capital, and has now raised a total of $60 million in funding. [Read More]
The OpenSSL Project today warned that the widely deployed TLS/SSL toolkit is vulnerable to a serious security flaw that exposes users to denial-of-service attacks. [Read More]
Canonical has published hardened LTS container images on Docker Hub, promising up to 10 years of security maintenance. [Read More]
build.security emerges from stealth mode with an authorization policy management platform and $6 million in seed funding. [Read More]

FEATURES, INSIGHTS // Application Security

rss icon

Gunter Ollmann's picture
CISOs are increasingly partnering with DevOps leaders and vigilantly modernizing secure development lifecycle (SDLC) processes to embrace new machine learning (ML) approaches.
Gunter Ollmann's picture
The philosophy of integrating security practices within DevOps is obviously sensible, but by attaching a different label perhaps we are likely admitting that this “fusion” is more of an emulsification.
Preston Hogue's picture
The ability to look deeply into user and system behavior and identify the smallest anomaly will become the essential toolkit to stem the tide of fraud and theft in financial services.
Preston Hogue's picture
Retailers should ensure that they are proactively scanning for vulnerabilities in the website, as well as deploying a solution to monitor traffic.
Preston Hogue's picture
Every piece of hardware, every integration, every API, every process, as well as applications themselves, are potential targets.
Preston Hogue's picture
Applications have been deconstructed to the point where we need to think about them with a new level of abstraction to understand how security needs to evolve.
Preston Hogue's picture
The best way for the security industry to meet the challenge of modern applications and modern app development is to adopt a modern way of supporting those from a security perspective.
Preston Hogue's picture
ChatOps offers a bridge to a fully realized vision for DevSecOps, offering a much quicker path to resolution for both security and non-security issues.
Preston Hogue's picture
If done right and integrated throughout the process, security ends up being not a source of friction, but a function that protects the business, at the speed of business.
Ashley Arbuckle's picture
With a holistic approach you can enable efficient segmentation across your infrastructure, identify anomalies faster by using process behavior deviations, and reduce your attack surface quickly.