Since COVID-19 began, companies have transitioned from lifting and shifting their existing apps to the cloud to entirely rebuilding their applications in cloud-native form. Palo Alto President BJ Jenkins says companies need "shift left" security to get protection as they're coding and building apps.
APIs, containers, and clouds, oh my! Organizations use modern software development to deliver incredible user experiences and better performance. Just don’t look behind the curtain; behind that curtain, ingress points and opportunities for attackers are proliferating. That’s why securing cloud-native applications...
The $250 million acquisition of Cider Security will allow Palo Alto Networks to secure a piece of code from development to its implementation in a runtime environment. CEO Nikesh Arora says the company must understand the tool sets and open-source widgets coming into the customer's supply chain.
Ngrok has closed a $50 million Series A round to provide enterprise-grade authentication and user and session observability without adding complexity for developers or users. Ngrok will use the proceeds to support additional authentication protocols and build out integrations and connections.
Snyk hauled in nearly $200 million just weeks after laying off 198 employees but had to slash its valuation by $1.1 billion to seal the deal. The company intends to use the Series G proceeds to enhance and expand its developer security platform through both organic investments and acquisitions.
Software has increasingly relied on components developed by third parties or from open-source libraries, which Aqua Security CEO Dror Davidoff says injects additional risk. On-premises environments are still managed in more traditional ways, with the development and production phases totally siloed.
Organizations should build apps and design development workflows in a way that embraces how quickly cloud-native architectures change, says Snyk Solutions Engineer Iain Rose. Unlike traditional on-premises environments, containerized applications are designed to be ephemeral, Rose says.
The SolarWinds attack in December 2020 put software supply chain security on the radar of many organizations, and new threats have been rapidly multiplying ever since. But surveys show that 71% of security professionals have misconceptions about what effective software supply chain security entails and have yet to...
Resiliency is a core topic in OWASP's Mobile Application Security Verification Standard. What's key context to know? Dan Shugrue of Digital.ai discusses how to deepen a DevSecOps program by training developers in code obfuscation, anti-tamper, RASP and monitoring.
The nature of the new "norm" in this post-pandemic era of remote work is revolutionizing how your organization has to operate. With dozens of applications used across a diverse landscape, how do you ensure that your organization stays secure while being compliant with changing rules and regulations?
The push to migrate applications to cloud-native architectures has driven increased use of containers and created the need for more security, says Veracode CEO Sam King. Veracode's expertise in application security helps the company identify open-source code and known vulnerabilities in containers.
Palo Alto Networks will make its first major acquisition in nearly two years, scooping up application security startup Cider Security for $250 million. The Silicon Valley-based platform security behemoth will fork over $194.6 million of cash as well as $55.4 million of replacement equity for Cider.
The traditional application development model that puts security checks at the end of the process creates needless friction that slows down organizations, says Snyk solutions engineer Matt Mintzer. Application security specialists need to build tracks rather than guardrails for development, he says.
According to a recent report, 69% of CISOs say the volume of alerts makes it difficult to prioritize vulnerabilities. That’s one of the reasons why picking open-source packages to use in your application is a strenuous process. Package ecosystems such as NPM have over a million packages in them, and when you are...
There was one major problem when Equifax had to change its entire approach to transforming its IT environment: the management of open source libraries needed to be more advanced.
Learn how Sonatype's full-spectrum software supply chain automation with the Nexus Platform brought a holistic approach to managing...