What does it take to make secure software? The Open Source Security Foundation (OpenSSF) has a few ideas (10 of them, in fact). This week at the OpenSSF Day Japan event in Tokyo, the nonprofit group ...

If one event demonstrated how vulnerable organisations and infrastructure around the world are to software vulnerabilities, it was Log4j. The critical zero-day vulnerability in the Java logging ...

For all the scary talk about cyberattacks from vendors and industry experts, relatively few attacks are actually devastating. But the Jaguar Land Rover (JLR) attack was. The JLR breach wasn’t some ...

Best ways to incorporate security into the software development life cycle Your email has been sent With the persistence of security issues in software development, there is an urgent need for ...

Federal agencies must now comply with a National Institute of Standards and Technology framework on secure software development. The Office of Management and Budget said Monday that “effective ...

In 1965, Ralph Nader’s groundbreaking book Unsafe at Any Speed exposed how car manufacturers prioritised style, performance, and profit over the safety of drivers and passengers. His narrative spurred ...

Customer satisfaction is key to product success. That’s why development teams are often tempted to prioritize application performance and functionality, hoping to introduce necessary cybersecurity ...

These CISA guides can help ensure cyber teams everywhere are buying software that is secure and follows development practices that don’t lead to future calamity. Your team is in charge of identifying ...

Value stream management involves people in the organization to examine workflows and other processes to ensure they are deriving the maximum value from their efforts while eliminating waste — of ...

Supply chain security continues to receive critical focus in the realm of cybersecurity, and with good reason: incidents such as SolarWinds, Log4j, Microsoft, and Okta software supply chain attacks ...