It’s like a technological thriller come to life. Ransomware entered the global spotlight in 2021 after a number of high-profile cases caught the media’s attention. But long before the growing threat entered the public domain, a small group of individuals started quietly helping thousands of people and businesses get their information back – without paying the ransom.

Polaris Software Integrity Platform® – a SaaS application security testing solution delivering speed without compromise. Faster, faster, faster. The pressure is on to do business faster, to develop faster, and to secure all of this with faster and faster AppSec. Businesses want to release products, services, and apps to their customers on shorter and shorter release cycles.

In this blog post, we outline what the Colour-Blind trojan is, how it works and what it tells us about the changing nature of malware.

Security is, and always has been, a tough job. Security teams continue to face escalating cyberattacks while being bombarded by false positives and clocking more hours due to staffing shortages. However, security leaders and practitioners alike also understand that these crises are inevitable — and are increasingly focusing their efforts on recovering as quickly and efficiently as possible when disaster strikes.

The rapid escalation of cyberattacks around the world has increased the number of prerequisites to qualify for a cyber insurance policy. If a business faces a cyberattack involving a data breach, it may find it hard to recover without additional support or resources. And this is just one example.

The practice of infrastructure as code (IaC) has enabled platform teams to control infrastructure using code stored in Git. This enables teams to apply standard development practices like code review and testing to infrastructure management. The practice of GitOps takes this a step further by: Open Policy Agent (OPA), thanks to its Rego policy language, enables organizations to manage their authorization policies as code (PaC).

Nearly 1500 cybersecurity professionals gathered in Milwaukee for Cpyphercon 6. Read the highlights from the largest hacker event in Wisconson

GitGuardian's Q1 wrap-up highlights our progress in detecting secrets, introducing new secret detectors, and committing to code security. With six new detectors released in Q1, GitGuardian remains the go-to solution for developers looking to write more secure code.

A Code Signing certificate is a form of online certificate presented to an organization that is entirely dedicated to software development to validate authenticity and integrity of the programs they create. This type of digital certificate holds significant information and is issued by a CA. Here, a public key is used to bind the organization’s identity. A software developer leverages the power of a Code Signing certificate to sign the executables and applications prior to their release.

If your application development environment is like most, you’re using more code and you’ve accelerated the development of applications and software. That’s great for productivity, but it presents a big challenge for security, as your developers come under increasing pressure to ship code quickly — while also ensuring that their code is secure. They need to find a sweet spot between speed and security, and scanning at the repository level is the way to go. Here’s why.