PRESS RELEASE: Qwiet AI Expands Integrations, Language Support, and AutoFix Capabilities | Read Here
Key Takeaways AI has transformed both software development and the threat landscape. Code is being generated faster than ever, often without the context or security awareness needed to keep it safe. This demands a new approach to how we think about application security. Traditional AppSec tools fall short in modern, AI-assisted workflows. Legacy scanners struggle […]
READ MORE
For a lot of programmers, Python is their “love language.” Easy to learn and use, Python is perfect for building cutting-edge machine learning and cloud computing projects. Unfortunately, knowing that programmers love Python, malicious actors have started targeting the Python Package Index (PyPI) as part of supply chain attacks. As researchers identify more malicious Python […]
According to the 1980’s cartoon G.I. Joe, “knowing is half the battle.” Unfortunately, threat actors often have more information than their targets, which is why they’re so successful. For developers and AppSec teams, having information about threat actor tactics, techniques, and procedures (TTPs) helps even the digital battlefield. Threat intelligence feeds provide data about malicious […]
The National Cybersecurity Strategy Implementation Plan plays a vital role in safeguarding the digital infrastructure of the nation. This comprehensive plan, outlined by the White House, is comprised of three pillars and sets forth a roadmap to enhance cybersecurity measures across various sectors. Pillar Three of the implementation plan focuses on the need for developers […]
Software engineers’ ideal state includes being able to work with minimal disruption. This “flow state” is when they are most productive and have the best chance of delivering the products and features they are tasked with producing within the required timeline. Whenever something adversely impacts their flow state productivity, mental health, and overall effectiveness may […]
In the ever-evolving world of cybersecurity, staying informed about the latest threats and trends is crucial. To cater to the growing need for expert insights, we are thrilled to announce the launch of the new Hacking Exposed podcast. Hosted by renowned cybersecurity expert Stuart McClure, this podcast promises to be a treasure trove of knowledge […]
I couldn’t walk five feet at RSA recently without someone asking me about ChatGPT. The questions all boiled down to “ChatGPT—is it bad, really bad, or just plain horrible?” ChatGPT is all of these things, and at the same time it is none of them. ChatGPT is only what we make of it. Like any […]
In the ever-evolving landscape of cybersecurity, zero-day vulnerabilities tend to steal the limelight. These newly discovered vulnerabilities are often seen as the epitome of sophisticated cyberattacks, capturing headlines and fueling the imagination of both the public and cybersecurity professionals. However, the reality is that while zero-day vulnerabilities may be intriguing, the majority of successful cyberattacks […]
Number of lines of code. Number of commits. Number of bugs caught. Such are the old metrics of development. All very macho, all very developer bro—and all not terribly effective. These days, development is about quality, not quantity. It is about closing the gap between development and business, so technology solves tangible problems. At cdCon […]
In a recent thread on a discussion forum, a group of developers discussed time lost on bug chasing. One developer lamented that he lost 5 days; another 5 years between the time it was discovered and the time it was finally resolved. Still another developer estimated that in an organization of 400 engineers, he and […]
