In this week’s episode of the podcast (#168), sponsored by Signal Sciences, Chris Eng of Veracode joins us to talk about the 10th annual State of Software Security Report and the problem of application security debt. Also, Brendan Macaraeg of Signal Sciences talks about the expanding landscape of web application attacks and defenses.
A survey of more than 6,000 firmware images spanning more than a decade finds no improvement in firmware security and lax security standards for the software running connected devices by Linksys, NETGEAR and other major vendors.
The deployment of DevOps tools and platforms at many organizations recalls the bad old days of the 1990s, with lax control of authentication, loose configuration and scant attention to security, experts warn.
We speak with Ravi Iyer, the Head of Product Management talks to us about the “democratization” of software development, as more and more companies become software publishers. Ravi and I talk about Polaris, a new software integrity platform that integrates a wide range of software testing and analysis tools into a common platform.
Facebook used a blog post on Friday to describe, in detail, the systems that it uses to secure its vast social network, including custom designed tools and so-called “red team” hacks.