Like any relationship, DevSecOps works best when there is a solid commitment, open communication and strong resolve in the face of challenges.
Security researchers observed an attack campaign that is targeting Linux servers to install samples of the new SpeakUp Trojan.
In the information security field, we're always practicing finding vulnerabilities, keeping threats at bay, responding to cybersecurity incidents and minimizing long-term business risks.
Researchers have spotted a malvertising campaign that is delivering two payloads to victims: the Vidar information stealer and GandCrab ransomware.
Security researchers report that the newest version of NRSMiner crypto-mining malware is causing problems for companies that haven't patched the EternalBlue exploit.
By completing the phases of the system development life cycle (SDLC), security teams can integrate processes and technologies into the development process and improve application security.
To ring in the new year, application security teams should resolve to implement more security into the development process, prioritize consumer trust and pay more attention to false negatives.
Since governments have so many potential attack vectors to manage, government cybersecurity professionals need clear processes, procedures and authority to harden vulnerable environments.
IBM X-Force's top security predictions for 2019 cover a range of potential attack schemes and consequences, from industry-specific prognostications to a rapid expansion of emerging criminal schemes.
When used as part of the software development process, machine learning can help identify vulnerabilities before threat actors have a chance to exploit them.