Why a secure software development life cycle is critical for manufacturers

Recent supply-chain breaches show how attackers exploit development tools, compromised credentials, and malicious NPM ...

Sonatype debuts guide to secure AI-assisted software development

Software supply chain management firm Sonatype Inc. today announced the launch of Sonatype Guide, a new developer tool that ...
ZDNet

Software development is still ignoring security. That needs to change fast

If one event demonstrated how vulnerable organisations and infrastructure around the world are to software vulnerabilities, it was Log4j. The critical zero-day vulnerability in the Java logging ...
InfoWorld

6 security risks in software development and how to address them

Experts share how software development teams can ‘shift security left’ and improve governance of open source usage, software deployment, and data management. CIOs and their IT departments face ...
JD Supra

Secure Software Development Attestation: A(nother) Government Requirement

On September 14, 2022, the Office of Management and Budget (“OMB”) issued a memorandum on Enhancing the Security of the Software Supply Chain through Secure Software Development Practices (“OMB Memo”) ...
TechRepublic

Best ways to incorporate security into the software development life cycle

Best ways to incorporate security into the software development life cycle Your email has been sent With the persistence of security issues in software development, there is an urgent need for ...
FedScoop

OMB orders agencies to comply with NIST framework for secure software

Federal agencies must now comply with a National Institute of Standards and Technology framework on secure software development. The Office of Management and Budget said Monday that “effective ...
Forbes

Enable Next-Gen Security For Your Software With Secure SDLC

Customer satisfaction is key to product success. That’s why development teams are often tempted to prioritize application performance and functionality, hoping to introduce necessary cybersecurity ...
CSOonline

Roundup: Global software supply chain security guidance and regulations

Supply chain security continues to receive critical focus in the realm of cybersecurity, and with good reason: incidents such as SolarWinds, Log4j, Microsoft, and Okta software supply chain attacks ...
Computer Weekly

Secure software: Third-party suppliers your first-party risk

In 1965, Ralph Nader’s groundbreaking book Unsafe at Any Speed exposed how car manufacturers prioritised style, performance, and profit over the safety of drivers and passengers. His narrative spurred ...
SD Times

Biden-Harris Administration to require secure software development attestation form for government software

Value stream management involves people in the organization to examine workflows and other processes to ensure they are deriving the maximum value from their efforts while eliminating waste — of ...