Develop Secure Software logo
To secure your CI/CD pipelines, round up the usual suspects
August 22, 2022

To secure your CI/CD pipelines, round up the usual suspects

Exploring the “how” of CI/CD compromises, researchers show many of the culprits will be familiar to security teams.
Read More
6 reasons app sec teams should shift gears and go beyond legacy vulnerabilities
August 18, 2022

6 reasons app sec teams should shift gears and go beyond legacy vulnerabilities

With software supply chain attacks surging, app sec teams should shift gears from legacy vulnerabilities to open-source repos, dev tools, and tampering.
Read More
Just for devs: Best of Black Hat and DEF CON
August 18, 2022

Just for devs: Best of Black Hat and DEF CON

Hacker summer camp is BACK, baby.
Read More
NVD Analysis 2022: Why you need to modernize your software security approach
August 12, 2022

NVD Analysis 2022: Why you need to modernize your software security approach

The NVD as it is today does not tell the full story of software risk. Here's why the NVD — and your software security approach — need to be modernized.
Read More
Researchers: GitHub Copilot produces vulnerable code, demos AI bias
August 12, 2022

Researchers: GitHub Copilot produces vulnerable code, demos AI bias

GitHub updated guidance on using its Copilot AI-powered code bot after researchers showed at Black Hat that it often generates vulnerable code.
Read More
DevOps: Fix your dangerous redirects! Amex shows how
August 11, 2022

DevOps: Fix your dangerous redirects! Amex shows how

DevOps teams are still ignoring the danger of open redirector pages.
Read More

SUBSCRIBE

Subscribe to the develop.secure.software newsletter to stay up to speed, learn best practices and more.