OMB has issued a memo directing agencies to adopt a risk-based approach to software and hardware security and rescinding ...

Federal agencies will no longer be required to get SBOMs from tech vendors, nor attestations of compliance with NIST's ...

Features Black Duck’s Chief Product and Technology Officer Dipto Chakravarty on key topics like AI agents and quantum ...

95% of planned development tasks are not properly assessed for security risk. Addressing security early in the design phase is far more cost-effective than fixing vulnerabilities later. Retrofitting ...

For all the scary talk about cyberattacks from vendors and industry experts, relatively few attacks are actually devastating. But the Jaguar Land Rover (JLR) attack was. The JLR breach wasn’t some ...

Software security may finally be getting the attention it deserves as more countries institute necessary guidelines. But with threats increasing against the software supply chains, it is too soon to ...

In the technology field, what seems niche today often becomes tomorrow’s industry standard—and that’s definitely true of software development. From test-driven design and AI-powered code reviews to ...

The US Cybersecurity & Infrastructure Security Agency (CISA) has published IT sector-specific goals (IT SSGs) to protect against cyber threats, including 11 software development process goals and ...

Customer satisfaction is key to product success. That’s why development teams are often tempted to prioritize application performance and functionality, hoping to introduce necessary cybersecurity ...

SUNNYVALE, Calif.--(BUSINESS WIRE)--BlueFlag Security, a leader in software development lifecycle (SDLC) security and governance, is proud to be named an IDC Innovator in the report, IDC Innovators: ...

As we approach the mid-year of 2024, most CISOs and CSOs have established and are currently executing their organizations' security posture priorities for the year. While the industry made significant ...