Security news that informs and inspires

Archive

5 results for tag Appsec:

Give IT a Break from Software Updates

Microsoft said it will pause non-security Windows updates beginning in May as part of its plan to reduce the update pressure on IT and security teams, as they are busy keeping organizations operational during the COVID-19 pandemic. Other software companies are adjusting their release schedules, recognizing that IT and security teams are currently stretched thin.

Appsec, Application Security, Appdev, CISO, Patch

GitHub’s npm Acquisition Will Boost JavaScript Security

The security of the JavaScript software ecosystem will get a significant boost with GitHub acquiring npm, which hosts and maintains the Node package manager and the package registry. GitHub has the resources to invest in robust and stable infrastructure, thorough vetting of software packages, and integration into GitHub's other services.

Javascript, Github, Appsec

Older Bugs in Software Add to Security Debt

In the rush to fix newer vulnerabilities, the older ones are left unaddressed. The resulting security debt increases the organization's risk of a breach, Veracode warned.

Application Security, Appdev, Appsec, Software Security, Software Development

GitHub Brings Automated Fixes With Dependabot

GitHub rolled out several new features designed to help developers write secure code at its recent GitHub Satellite conference last week in Berlin.

Software Security, Appsec, Microsoft

Applications Using Apache .htaccess at Risk for Attacks

The original vulnerability may be in a jQuery plugin, but the disconnect in how web developers use .htaccess with the Apache web server and how the server is actually configured means there are potentially more applications out there that are vulnerable to attack.

Vulnerability, Appsec, Apache