vulnerabilities Archives - Developer Tech News

GitLab releases critical security patches amid vulnerability streak

Ryan Daws — Fri, 11 Oct 2024 13:30:48 +0000

GitLab has released a new round of critical security patches for its Community Edition (CE) and Enterprise Edition (EE) products. The company strongly recommends that all self-managed GitLab installations be upgraded immediately to one of the latest versions: 17.4.2, 17.3.5, or 17.2.9. These patch releases address several critical and high-severity vulnerabilities, including a critical flaw... Read more »

The post GitLab releases critical security patches amid vulnerability streak appeared first on Developer Tech News.

Safe Coding: Google’s strategy reduces memory safety vulnerabilities

Ryan Daws — Thu, 26 Sep 2024 14:10:17 +0000

Google has unveiled compelling data highlighting the efficacy of its “Safe Coding” approach in reducing memory safety vulnerabilities. The tech giant’s strategy, which prioritises the use of memory-safe programming languages for new code development, has yielded impressive results. Most notably, Android has seen a sharp decline in memory safety vulnerabilities, plummeting from 76% of all... Read more »

The post Safe Coding: Google’s strategy reduces memory safety vulnerabilities appeared first on Developer Tech News.

GitHub’s Copilot Autofix triples vulnerability remediation speed

Ryan Daws — Wed, 14 Aug 2024 16:00:08 +0000

Shipping software quickly often comes at the cost of security, with vulnerabilities inadvertently making their way into production code. This poses a significant challenge, as many developers find security requirements complex and difficult to implement. “Developers are shipping software faster than previously imaginable, releasing new features early and often. Yet, despite their best efforts to... Read more »

The post GitHub’s Copilot Autofix triples vulnerability remediation speed appeared first on Developer Tech News.

Google paid $10M to bug hunters in 2023

Ryan Daws — Wed, 13 Mar 2024 15:21:29 +0000

Google has revealed that it paid out $10 million to over 600 bug hunters from 68 countries in 2023. Throughout the year, Google’s bug hunter community played a pivotal role in identifying and addressing thousands of vulnerabilities across various Google platforms. The company’s dedication to incentivising researchers saw the introduction of several new programs and... Read more »

The post Google paid $10M to bug hunters in 2023 appeared first on Developer Tech News.

OpenText unveils next-gen cybersecurity auditing technology

Ryan Daws — Tue, 06 Feb 2024 09:15:09 +0000

OpenText has unveiled the second generation of its advanced cybersecurity auditing technology called Fortify Audit Assistant—aiming to help developers build more secure software amid rising threats and complexity in multi-cloud environments. The key upgrade is the use of predictive analytics and machine learning to emulate human security auditors. By learning from 10 years of human... Read more »

The post OpenText unveils next-gen cybersecurity auditing technology appeared first on Developer Tech News.

David DeSanto, GitLab: AI’s impact on software development in 2024

Ryan Daws — Thu, 07 Dec 2023 15:18:37 +0000

David DeSanto, Chief Product Officer at GitLab, foresees a paradigm shift in the realm of software development in 2024—with AI taking centre stage. GitLab’s 2023 Global DevSecOps Report serves as the foundation for these predictions, offering a glimpse into the future landscape of organisations’ software development toolchains. AI bias: A hurdle on the path to... Read more »

The post David DeSanto, GitLab: AI’s impact on software development in 2024 appeared first on Developer Tech News.

PHP 8.0 reaches EOL leaving some websites vulnerable

Ryan Daws — Mon, 27 Nov 2023 12:43:31 +0000

PHP 8.0 reached its end of life (EOL) on 26 November 2023 and will no longer receive any updates or patches. PHP 8.0 was released on 26 November 2020 and brought many new features and improvements such as named arguments, attributes, constructor property promotion, match expression, nullsafe operator, JIT, and more. The EOL of PHP... Read more »

The post PHP 8.0 reaches EOL leaving some websites vulnerable appeared first on Developer Tech News.

AI coding assistants: A double-edged sword for DevOps in 2024

Ryan Daws — Fri, 10 Nov 2023 14:06:02 +0000

A growing reliance on AI-powered coding assistants is reshaping how DevOps teams operate, for better or worse. According to Forrester’s 2024 cybersecurity, risk, and privacy predictions, AI coding assistants are becoming integral to boosting productivity. However, a cautionary note accompanies this technological shift, as Forrester warns of potential pitfalls that could lead to cybersecurity breaches.... Read more »

The post AI coding assistants: A double-edged sword for DevOps in 2024 appeared first on Developer Tech News.

Wallarm highlights disturbing trends in API security threats

Ryan Daws — Wed, 08 Nov 2023 10:40:12 +0000

Wallarm has released its Q3 2023 API ThreatStats report which sheds light on the escalating threats targeting APIs and revealing vulnerabilities that have impacted industry giants such as Netflix, VMware, and SAP. The report’s revamped ‘Top 10 API Security Threats’ compilation outlines 239 vulnerabilities discovered during the quarter, with injections taking the lead. Injections involve... Read more »

The post Wallarm highlights disturbing trends in API security threats appeared first on Developer Tech News.

Salt launches STEP program to enhance API security for enterprises

Ryan Daws — Wed, 23 Aug 2023 12:00:06 +0000

Salt Security has launched an initiative to help enterprises significantly reduce risk across their API ecosystem. The STEP (Salt Technical Ecosystem Partner) program encompasses the integration of AI-driven API security insights into existing workflows and tools within organisations. This integration empowers joint customers to bolster their security posture using the Salt Security API Protection Platform.... Read more »

The post Salt launches STEP program to enhance API security for enterprises appeared first on Developer Tech News.