Testing code is the first step to making it secure. One of the best ways to do this is to use unit tests, ensuring that each of the smaller functions within an app behave as they should — especially when the app receives edge-case or invalid inputs, or inputs that are potentially harmful.

The trouble with allowing developers to deploy code directly to production is that security threats are often overlooked in the process. These vulnerabilities only show up later during runtime. Once this happens, it falls on the shoulders of the Ops team or SREs to engage in firefighting.

A weak password can easily become compromised by a cyberattacker, but employing multi-factor authentication (MFA) can stop a cyberattacker in their tracks. MFA is recommended as a best practice by the US National Institute of Standards and Technology (NIST) to reduce risk. Learn more about MFA and how it can protect your company from cyberattacks.

The U.S. Transportation Security Administration (TSA) recently issued new cybersecurity regulations for passenger and freight railroad carriers to enhance cybersecurity resilience with performance-based measures. This security directive includes a new requirement for railroad carriers to build continuous monitoring policies and procedures. This is the latest of several recent initiatives on the U.S. state and federal levels requiring continuous monitoring of cyber risk.

Cybersecurity is an issue that’s becoming more and more difficult for SMBs to manage on their own. As a result, MSPs are on the rise. Data from Canalys indicates that the cybersecurity managed services business grew by 18% in 2021, driven by the combination of the increasing sophistication of cyber threats and the shortage of dedicated cybersecurity personnel, which makes the situation unscalable for SMBs and midsize companies who often hire an external MSP to help solve these issues.

Over the last two years since going private, Forescout has undergone a significant transformation. We are extremely proud of our 20+ year heritage as the world’s leading network access control provider, yet we knew that we had untapped potential.

LinkedIn says it is beefing up its security in an attempt to better protect its user base from fraudulent activity such as profiles that use AI-generated deepfake photos, and messages that may contain unwanted or harmful content. The new features, which are being rolled out globally over the next several weeks, have been previewed in a blog post by LinkedIn's Vice President of product management, Oscar Rodriguez.

Global cybersecurity is becoming more reliant on using advanced, more complex safety mechanisms to resolve vulnerabilities. Governments and businesses worldwide struggle to safeguard their data and networks and prevent future crises. At the same time, cyber threats are becoming just as complex. With each new step in cybersecurity innovation, cyber threats also gain momentum, eventually posing major security challenges for governments.

This is the third of a six-part blog series that highlights findings from a new Mend white paper, Five Principles of Modern Application Security Programs. Be sure to look out for our upcoming blogs on each of the five principles.

At 12 years old, Go is a relatively new programming language–but it’s a popular one when it comes to cloud-native computing. CockroachDB, Docker, Kubernetes, and AdGuardHome (byAdGuard) are all built on Go, and the Go GitHub repository has over 105,000 stars, putting it in third place as a GitHub star leader.