“Speed is the new currency of business.” Chairman and CEO of Salesforce Marc R. Benioff’s words are especially potent today as many organizations small and large look for ways to speed up production during their shifts to digital. In software development, speed is a critical factor. Everything from shifting priorities to manual processes and siloed teams can seriously impede deployment schedules.

The percentage of open source code in the enterprise has been estimated to be in the 40 percent to 70 percent range. This doesn't make the headlines anymore, but even if your company falls in the average of this range, there is no dearth of work to do to clean up, comply with AppSec policies, and ship the product. Phew! So where do you start when it comes to resolving all the vulnerabilities uncovered in your open source libraries?

Today, we published the open source edition of our annual State of Software Security report. Solely focused on the security of open source libraries, the report includes analysis of 13 million scans of more than 86,000 repositories, containing more than 301,000 unique libraries. In last year’s open source edition report, we looked at a snapshot of open source library use and security.

The Biden administration released a new executive order for cybersecurity on May 12, 2021. Although many know the overarching message of the executive order, it’s also important to know the specific details outlined in each section.

This is part 2 in a mini-series about the current paradigm shift in security towards a continuous security approach. Richard Carlsson, Detectify CEO, was on Enterprise Security Weekly to shed light on it and this article delves into the need for velocity to activate this strategy.

Code Dx adds software vulnerability correlation, prioritization, and consolidated risk reporting. Today, Synopsys announced the acquisition of Code Dx, the provider of an award-winning application security risk management solution that automates and accelerates the discovery, prioritization, and remediation of software vulnerabilities.

Who can deny the importance of security for their website or online store? You may have already implemented some security measures, and you can feel quite complacent about it, but they are far from enough when we consider the security challenges. In recent years, even many leading websites and web apps faced a huge surge of security attacks on their websites.

With the rise of cyber attacks on web apps, organizations require AST tools that can help manage web application security and compliance. Remember the saga of Equifax and the unpatched Apache Struts vulnerability? It wasn’t that long ago, and it’s one of the most notorious web application security incidents to date.

5G introduces security concerns but threat modeling can help you make better informed decisions about your application security risks. 5G is fundamentally different from 4G, LTE, or any other network the telecommunications industry has ever seen before. It promises data rates 100 times faster than 4G, network latency of under 1 millisecond, support for 1 million devices/sq. km., and 99.999% availability of the network.