CyberSecurityBoard
Sponsor Register Login

Security first in software? AI may help make this an everyday practice

DevSecOps - like its fraternal twin, DevOps - has been a process in play for several years now in software shops, intended to enable more collaborative and intelligent workflows.
Now, AI is poised to add more juice to these efforts - but many are still skeptical about its implications.
Also: AI brings a lot more to the DevOps experience than meets the eye.
These are some of the takeaways from a recent survey out of the SANS Institute, involving 363 IT executives and managers, which finds rising interest in adding AI or machine learning capabilities to DevSecOps workflows.
Just over the past year, there has been a significant increase in the use of AI or data science to improve DevSecOps through investigation and experimentation - from 33% in 2022 to 49% in 2023.
While interest in applying AI to the software development lifecycle is on the rise, there is also healthy skepticism about going full-throttle when injecting AI into workflows.
Also: Generative AI now requires developers to stretch cross-functionally.
Many organizations feel an urgent need for more qualified DevSecOps personnel - 38% report skills gaps in this area.
Platform engineering, intended to streamline the flow of software from idea to implementation, also is gaining ground - fully or partially adopted by 27% of respondents.


This Cyber News was published on www.zdnet.com. Publication date: Tue, 19 Dec 2023 22:13:05 +0000


Cyber News related to Security first in software? AI may help make this an everyday practice

Embracing Security as Code - Everything is smooth until it isn't because we traditionally tend to handle the security stuff at the end of the development lifecycle, which adds cost and time to fix those discovered security issues and causes delays. Over the years, software ...
6 months ago Feeds.dzone.com
What is Word Unscrambler In Gaming? - Are you tired of getting stuck on those tricky word puzzles in your favourite mobile game? Have you ever wished for a tool to help unscramble those seemingly impossible words? Look no further because the word unscrambler is here to save the day! This ...
1 year ago Hackread.com
McCaffrey Joins 'ASTORS' Champion SIMS Software Board of Advisors - SIMS Software, the leading provider of security information management software to the government and defense industries - and the 2023 Platinum 'ASTORS' Award Champion for Best Security Workforce Management Solution, is delighted to announce that ...
5 months ago Americansecuritytoday.com
Microsoft Security Copilot improves speed and efficiency for security and IT teams - First announced in March 2023, Microsoft Security Copilot-Microsoft's first generative AI security product-has sparked major interest. With the rapid innovations of Security Copilot, we have taken this solution beyond security operations use cases ...
6 months ago Microsoft.com
6 Best Cloud Security Companies & Vendors in 2024 - Cloud security companies specialize in protecting cloud-based assets, data, and applications against cyberattacks. To help you choose, we've analyzed a range of cybersecurity companies offering cloud security products and threat protection services. ...
4 months ago Esecurityplanet.com
Week in review: PoC for Splunk Enterprise RCE flaw released, scope of Okta breach widens - Vulnerability disclosure: Legal risks and ethical considerations for researchersIn this Help Net Security interview, Eddie Zhang, Principal Consultant at Project Black, explores the complex and often controversial world of vulnerability disclosure in ...
7 months ago Helpnetsecurity.com
Protecting Critical Infrastructure Means Getting Back to Basics - Critical infrastructure organizations are undergoing dramatic changes in their technology and cybersecurity landscapes that make them both more efficient and more vulnerable. Nation-state actors and cybercriminals increasingly are targeting the ...
5 months ago Darkreading.com
Consumer Software Security Assessment: Should We Follow NHTSA's Lead? - The US National Highway Traffic Safety Administration is dedicated to its mission: "To save lives, prevent injuries, and reduce economic costs due to road traffic crashes, through education, research, safety standards, and enforcement." Is it time to ...
7 months ago Darkreading.com
New "MITRE ATT&CK-like" framework outlines software supply chain attack TTPs - A new open framework seeks to outline a comprehensive and actionable way for businesses and security teams to understand attacker behaviors and techniques specifically impacting the software supply chain. The Open Software Supply Chain Attack ...
1 year ago Csoonline.com
New NCCoE Guide Helps Major Industries Observe Incoming Data While Using Latest Internet Security Protocol - PRESS RELEASE. Companies in major industries such as finance and health care must follow best practices for monitoring incoming data for cyberattacks. The latest internet security protocol, known as TLS 1.3, provides state-of-the-art protection, but ...
5 months ago Darkreading.com
8 Strategies for Defending Against Help Desk Attacks - COMMENTARY. Defensive security techniques often lag offensive attack tactics, opening companies to heightened risk from rapidly evolving threats. An alarming case in point is the help desk, one of today's most exposed organizational Achilles' heels. ...
6 months ago Darkreading.com
Modern DevSecOps - DevSecOps - a fusion of development, security, and operations - emerged as a response to the challenges of traditional software development methodologies, particularly the siloed nature of development and security teams. DevSecOps aims to break down ...
6 months ago Feeds.dzone.com
DevSecOps: Definition, Benefits and Best Practices - DevSecOps is an approach that focuses on the alignment of the three core pillars of DevOps — Development, Operations, and Security. It’s a combination of processes, tools and practices designed to enable organizations to adopt innovative and ...
1 year ago Heimdalsecurity.com
9 Best DDoS Protection Service Providers for 2024 - eSecurity Planet content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More. One of the most powerful defenses an organization can employ against distributed ...
6 months ago Esecurityplanet.com
What Is Software Piracy? - Software piracy has become a worldwide issue, with China, the United States and India being the top three offenders. In 2022, 6.2% of people worldwide visited software piracy websites. Software piracy doesn't require a hacker or skilled coder. Any ...
6 months ago Pandasecurity.com
The Crucial Need for a Secure Software Development Lifecycle in Today's Digital Landscape - In today's increasingly digital world, software is the backbone of business operations, from customer-facing applications to internal processes. The rapid growth of software development has also made organizations more vulnerable to security threats. ...
5 months ago Cyberdefensemagazine.com
Five business use cases for evaluating Azure Virtual WAN security solutions - To help organizations who are evaluating security solutions to protect their Virtual WAN deployments, this article considers five business use cases and explains how Check Point enhances and complements Azure security with its best-of-breed, ...
1 month ago Blog.checkpoint.com
Week in review: Attackers use phishing emails to steal NTLM hashes, Patch Tuesday forecast - What organizations need to know about the Digital Operational Resilience ActIn this Help Net Security interview, Kris Lovejoy, Global Security and Resilience Leader at Kyndryl, discusses the impact of the Digital Operational Resilience Act on ...
3 months ago Helpnetsecurity.com
Mastering SDLC Security: Best Practices, DevSecOps, and Threat Modeling - In the ever-evolving landscape of software development, it's become absolutely paramount to ensure robust security measures throughout the Software Development Lifecycle. Each of these have illuminated different vulnerabilities that can be exploited ...
6 months ago Securityboulevard.com
Software & Security: How to Move Supply Chain Security Up the Agenda - Software supply chains are under more scrutiny for security issues. The US government mandated software bills of materials for federal software projects so that security teams can understand any potential risks from software components. The ...
6 months ago Darkreading.com
A Practitioner's Guide to Security-First Design - Instead, organizations must proactively fortify their defenses and enter the era of security-first design - an avant-garde approach that transcends traditional security measures. Security-first design is an approach that emphasizes integrating robust ...
6 months ago Feeds.dzone.com
DHS Awards UAA to Launch New ADAC-ARCTIC Center of Excellence - S&T will provide ADAC-ARCTIC $46 million over a 10-year cooperative agreement to establish this Research Center portfolio for Homeland Security in the Arctic. Vital insights from academic-led innovative research will help the Department of Homeland ...
5 months ago Americansecuritytoday.com
10 Best Security Service Edge Solutions - Security Service Edge is an idea in cybersecurity that shows how network security has changed over time. With a focus on customized solutions, Security Service Edge Solutions leverages its expertise in multiple programming languages, frameworks, and ...
4 months ago Cybersecuritynews.com
Week in review: Palo Alto Networks firewalls under attack, Microsoft patches two exploited zero-days - Strategies for secure identity management in hybrid environmentsIn this Help Net Security interview, Charlotte Wylie, SVP and Deputy CSO at Okta, discusses the challenges of managing user identities across hybrid IT environments. Leveraging AI for ...
2 months ago Helpnetsecurity.com
Gaining Insights on the Top Security Conferences - A Guide for CSOs - Are you a CSO looking for the best security events around the world? Well, you have come to the right place! This article is a guide to the top security conferences that offer essential security insights to help make informed decisions. Security ...
1 year ago Csoonline.com

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)