Amy Herzog, chief information security officer for Ads and Devices at Amazon, shares how her cybersecurity team accelerates product development by integrating security from the start to secure customer data on popular consumer devices such as Ring and Alexa.
After high-profile security incidents, Microsoft has dedicated 34,000 engineers to advancing security across all platforms, focusing on identity protection and rapid response. The company is embedding security into product development and governance frameworks to mitigate growing cyberthreats.
APIs are the connections that make digital business happen. Companies on average rely on more than 15,000 APIs, but these interfaces pose security risks. In this "Deep Dive" special report, ISMG's Anna Delaney explores how security leaders are tackling API security.
Trail of Bits' Michael Brown explores the dual challenges of applying AI and ML to cybersecurity and securing these evolving technologies themselves. He discusses the complementary nature of traditional and AI/ML-based approaches and highlights the pressing need for secure development life cycles.
Snyk CEO Peter McKay discusses lessons from the recent CrowdStrike outage, emphasizing the importance of robust development practices, effective communication and the integration of quality and security in modern software development. He also highlights Snyk's role in advancing developer security.
CrowdStrike must enhance testing and validation procedures and address deficiencies in its current quality assurance processes to minimize attrition. CrowdStrike should conduct a technical retrospective to understand the root cause of the faulty software content update and make necessary changes.
Developers are using more and more open-source code because they "want to move fast," said Cycode's Lotem Guy. But the speed of development and the continuous deployment that follows means security teams have to catch up to the fast-moving development life cycle.
Synopsys' Software Integrity Group will become a standalone company under Francisco Partners and Clearlake once the $2.1 billion transaction closes. General Manager Jason Schmitt explains the significance of the acquisition, the carve-out process and future growth strategies.
More development organizations are building and leveraging ML/AI models for use in software applications. However, a lack of standardized best practices on how to incorporate MLOps into the broader software supply chain has led ML model development to largely occur in isolation from the rest of software development....
In an era where digital threats evolve rapidly, understanding and mitigating software supply chain vulnerabilities has never been more critical. JFrog, in collaboration with Dark Reading, presents a pivotal resource: “How Supply Chain Attacks Work – and How to Secure Against Them.” This essential guide offers a...
Artifacts are the valuable building blocks and products of
software development. In today's fast-paced and rapidly evolving software development landscape, effectively managing artifacts has become a critical factor in ensuring business success.
Understanding and implementing effective artifact management practices...
Too Many Tools, Not Enough Value
As organizations look to cut costs, increase efficiency, and improve security, tool consolidation is becoming an urgent need.
In this eBook you’ll learn best practices, tips, and areas to start consolidating your tool sets for greater efficiency, security, and cost...
Malicious actors can use quantum computing to break encryption algorithms and exploit the trust that users place on legitimate applications and websites, and only post-quantum cryptography can defeat the threat and preserve the sanctity of digital communications, said Amit Sinha, CEO, DigiCert.
According to a recent survey, 95% of developers are already using AI as part of their development work. However, for every opportunity there is - there is also a concern.
Join this upcoming webinar to dive into topics relating:
Leading trends around Gen AI, including low-code, and hyperautomation;
Best practices...
As organizations embrace digital transformation, software security challenges have become increasingly complex. Adriana Freitas, director of the European Foundation Anti-Phishing Working Group, offers insights on the imperative role of DevSecOps in modern cybersecurity practices.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing careersinfosecurity.eu, you agree to our use of cookies.