application development

software application

Episode 168: Application Security Debt is growing. Also: Web App Security in the Age of IoT

In this week’s episode of the podcast (#168), sponsored by Signal Sciences, Chris Eng of Veracode joins us to talk about the 10th annual State of Software Security Report and the problem of application security debt. Also, Brendan Macaraeg of Signal Sciences talks about the expanding landscape of web application attacks and defenses.

Huge Survey of Firmware Finds No Security Gains in 15 Years

A survey of more than 6,000 firmware images spanning more than a decade finds no improvement in firmware security and lax security standards for the software running connected devices by Linksys, NETGEAR and other major vendors.

Researcher warns DevOps Security is Back to the Future

The deployment of DevOps tools and platforms at many organizations recalls the bad old days of the 1990s, with lax control of authentication, loose configuration and scant attention to security, experts warn.

software application

Spotlight: Synopsys on democratizing Secure Software Development

We speak with Ravi Iyer, the Head of Product Management talks to us about the “democratization” of software development, as more and more companies become software publishers. Ravi and I talk about Polaris, a new software integrity platform that integrates a wide range of software testing and analysis tools into a common platform.

Facebook opens up on System that ‘protects Billions’

Facebook used a blog post on Friday to describe, in detail, the systems that it uses to secure its vast social network, including custom designed tools and so-called “red team” hacks.