Posted by Fred Bals on May 4, 2018
Software Integrity Insight is your resource for the cyber security and open source security news that made the headlines!
via Synopsys Software Integrity: Chances are, hackers are aware of the growing popularity of containers as well, says technical evangelist Tim Mackey. Which is why we compiled eight takeaways from NIST’s report on container security so you can be proactive about vulnerabilities in your production environment.
via GitLab: Software professionals collectively recognize the value of working in highly collaborative environments and have experienced the benefits of doing so. While developers and managers are culturally aligned, workflow and tooling roadblocks delay delivery, preventing teams from reaching their maximum potential.
via SearchSecurity: An Electron framework flaw put major apps like Slack at risk of remote code execution. What is the flaw and what should be done to safeguard apps from similar vulnerabilities?
via CIOReview: Just in open source, a recent Black Duck by Synopsys analysis of its own KnowledgeBase™ found more than 900 health and medical projects representing 13 percent year-to-year growth, and more than 124 million lines of code, representing 65 percent annualized growth and more than 45,000 staff years of code contribution.
via BleepingComputer: A Dutch cyber-security firm has discovered that in-vehicle infotainment (IVI) systems deployed with some car models from the Volkswagen Group are vulnerable to remote hacking. Daan Keuper and Thijs Alkemade, security researchers with Computest, said they successfully tested their findings and exploit chains on Volkswagen Golf GTE and Audi A3 Sportback e-tron models.
via Undark: Modern digital life relies on layers of shared and dependent code that is, over time, vulnerable to deletions. Will an archive help?
via Globes: Synopsys is one of the largest and most veteran software companies in the world that you probably have never heard of. It began as a small startup that its founders established after leaving General Electric in 1986. It now has more than 12,000 employees and 100 offices worldwide, including a development center in Herzliya with 140 employees. Synopsys CEO Aart de Geus is visiting Israel to scout out cybersecurity and AI startups.
via Dark Reading: The EU’s General Data Protection Regulation (GDPR) will take effect on May 25, a response to data breaches and demands for greater oversight relating to security of personally identifiable information (PII). As shown by the recent Equifax and Cambridge Analytica debacles, the risks to PII are real as digital transformation makes all interaction data usable and the Internet of Things (IoT) causes an explosion of new data sources.
via StateScoop: If we do, it should be done with caution, says Tim Mackey, technical evangelist for Black Duck by Synopsys.