
Continuous Verification, AKA Just Doing DevOps
There are several ironies about DevOps that can sometimes cause confusion or perhaps take attention away from what really matters. Take “Shift Security Left” for instance. Yes, it’s cheaper and safer to catch errors before they get into production and, yes, developers should take more responsibility for the quality and security of their code. No one …
Continue reading “Continuous Verification, AKA Just Doing DevOps”

Create a Web Application Security Blueprint
The best way to make web applications secure is to include security at every step along the development process, from requirements analysis, to design, to implementation and testing, and into maintenance and update phases. To that end, it’s wise to consider a kind of “security blueprint” as part and parcel of how you work through …
Continue reading “Create a Web Application Security Blueprint”

The Role of SAST in DevSecOps
Most people involved in the process of creating and deploying software applications today are familiar with DevSecOps, which integrates security and operations into the software development process. In figurative terms, we think of the software development lifecycle as a timeline, starting with the design on the left and the deployment (and post-deployment activities) on the right. …

Lexington Soft Partners With DefenseCode to Bridge the Gap Between Security and DevOps
Chennai, Tamil Nadu, India: Lexington Soft Pvt. Ltd., has been appointed as a best-in-class enterprise software products and software development tools, to represent DefenseCode across South East Asia. DefenseCode offers two licensed solutions: Its flagship product, ThunderScan® is a SAST (Static Application Security Testing, WhiteBox Testing) solution for performing deep and extensive security analysis of …

From Zero to DevSecOps: How to Implement Security at the Speed of DevOps
The following is a guest post from Sharon Sharin, product marketing manager at WhiteSource.DeDe DevOps has become a popular buzzword in the software development industry. Many organizations have already embraced the DevOps methodology, but what about security? A common concern is that adding security to DevOps practices will severely slow down development processes, but this doesn’t need …
Continue reading “From Zero to DevSecOps: How to Implement Security at the Speed of DevOps”

Latest Version of CodeSonar Improves on C++ Analysis, MISRA Support; Introduces Subcommands for DevSecOps and More
The latest version of GrammaTech CodeSonar, Version 5.4, continues our commitment to being the go-to provider for static application security testing (SAST) and the static analysis tool of choice for improving software safety, security and quality. This release has several new features as well as compatibility updates, and other improvements. This release has several new features …

Cybersecurity: How Safe are Voice Assistants?
This new age in Artificial Intelligence is fascinating- and terrifying too. From ubiquitous digital assistants like Siri and Alexa to usage on factory floors, the impact of AI is by all means dizzying. Your cell phone mostly features a voice assistant. At best, Apple’s Siri- for instance- may seem like a “naïve” helper that can check weather …
Continue reading “Cybersecurity: How Safe are Voice Assistants?”