What does it take to make secure software? The Open Source Security Foundation (OpenSSF) has a few ideas (10 of them, in fact). This week at the OpenSSF Day Japan event in Tokyo, the nonprofit group ...

The Cybersecurity and Infrastructure Security Agency, the FBI, the National Security Agency and cybersecurity authorities of other international allies on Thursday published joint guidance urging ...

The Cybersecurity and Infrastructure Security Agency is looking for feedback on its “secure by design” white paper, which pushes software manufacturers to follow more stringent security principles in ...

It’s no surprise that demand for more secure software is rising and these two approaches claim to outline the best way forward. As cybersecurity professionals, we need to know that the software ...

WASHINGTON – The Cybersecurity and Infrastructure Security Agency (CISA), along with 17 U.S. and international partners, published an update to “Shifting the Balance of Cybersecurity Risk: Principles ...

The Cybersecurity Infrastructure Security Agency is pledging to go "left-of-boom" and surveil artificial intelligence software development practices in a new alert series, which offers lessons to ...

It is largely recognised among the IT security community that there is a direct correlation between the quality of code – as a percentage of coding errors per thousand lines of code – and cyber ...

At a time when many organizations still struggle to recruit and retain qualified cybersecurity talent, adversaries are moving faster than ever. According to the FortiGuard Labs 2H 2023 Threat ...

Software that prioritizes security at its most foundational level means designing it with customer security as a key goal rather than a tacked-on feature. And that concept — secure by design — is ...

Seventeen cybersecurity and defense agencies from different countries joined the U.S. Cybersecurity and Infrastructure Security Agency in updating a guidance on the implementation of secure-by-design ...

Security must be built into the core of any product or technological advancement during the early stages of design. Unfortunately, many software companies still treat cybersecurity as an afterthought.

Security leaders and software developers will benefit from deeper visibility into their organisations’ software development security posture as they work, bolstering moves towards the nirvana of ...