Software Integrity Blog

Archive for the 'Cloud Security' Category

 

Introducing Black Duck CoPilot

Today we’re happy to announce the release of Black Duck CoPilot by Synopsys (https://copilot.blackducksoftware.com/), a new cloud service that helps open source project teams catalog and report on their project’s dependencies and vulnerabilities. What is CoPilot and what does it do? Black Duck CoPilot is FREE for open source developers who use GitHub.com (the #1 open source repository in the world today) as the repository for their projects. It connects to your GitHub repositories and provides you with security risk information for your open source project’s dependencies (i.e. the open source components used to build your project).

Continue Reading...

Posted in Agile, CI/CD & DevOps, Cloud Security

 

CORD Project: Driving network solutions with open source

The CORD® platform uses leading-edge SDN, NFV, and cloud technologies to build nimble inline data centers at the edge of operator networks. Learn more.

Continue Reading...

Posted in Cloud Security, Open Source Security

 

With comparisons to Heartbleed, Cloudbleed may affect millions

The new Cloudbleed vulnerability, like Heartbleed, was discovered through routine fuzz testing and may affect 5.5 million websites and millions of users.

Continue Reading...

Posted in Cloud Security, Fuzz Testing

 

5 security industry buzzwords we love to hate

Computing security is an interesting space. One of the main aspects that makes it interesting is that there are many security terms that are ambiguous. With some words, we have no idea why we’ve come to use them! While these buzzwords aren’t going away any time soon, here is a list of buzzwords that most of the security industry loves to hate: 100% Secure Your security is only as good as your weakest link. It’s obvious to the current security world that there is no such thing as 100% secure. However, some organizations guarantee on their website that they are indeed 100% secure. This may seem like a good marketing strategy to attract customers who may not know much about security. It’s also asking for trouble when security professionals notice a claim like this. It is best to steer clear of this term. Hacker When we think of a hacker by that name, a criminal computer nerd comes to mind. You know, the dark shadowy figure in a hoodie that’s sitting behind a fancy laptop. The same figure who steals bank account details with the intention of reeking high-tech havoc.

Continue Reading...

Posted in Cloud Security

 

Examining containerization security challenges and solutions

Containerization is a relatively new way to host and deploy applications in comparison to the traditional hardware-based deployment or VM-based virtualization. It’s fast, cost effective, and efficient. But is it secure?

Continue Reading...

Posted in Cloud Security

 

Cloud-based application security testing challenges and tips

Cloud computing has influenced IT delivery services (including storage, computing, deployment, and management) with the maturity of automation and virtualization technologies. With these maturing technologies, a major obstacle in the adoption of cloud computing is security. Cloud security testing, as a relatively new service model, allows IT security testing service providers to perform on-demand application security testing in the cloud. This allows organizations to control costs while maintaining secure applications. Thus, the objective of cloud-based applications security testing is to enable these service providers to leverage cloud technologies and solutions in a secure manner.

Continue Reading...

Posted in Cloud Security

 

Embracing the security benefits of the cloud infrastructure

The original version of this post was published on SecurityWeek.

Continue Reading...

Posted in Cloud Security

 

The IoT sky is falling: How being connected makes us insecure

The original version of this post was published on SecurityWeek.

Continue Reading...

Posted in Cloud Security, IoT Security

 

5 essentials of cloud-based application security testing

If the applications can move to cloud, why can’t security testing?

Continue Reading...

Posted in Cloud Security

 

Cloud storage security storm: When it rains, it pours

What’s the state of cloud storage security? Not great. Cloud storage vulnerability research found 56 million records of unprotected data in cloud databases.

Continue Reading...

Posted in Cloud Security, Mobile App Security