The latest News and Information on Application Security including monitoring, testing, and open source.
This week we’ve added new Kotlin & Swift Courses to the Security Labs catalog! The update includes 4-5 Kotlin (Android) labs and 4 Swift (iOS) labs that cover common mobile security topics such as secret storage, authorization, and custom URL handling.
The statistics support Microsoft CEO Satya Nadella’s claim that “every company is a software company.” The average enterprise was already deploying 464 custom applications back in 2017, and that number has likely been growing for the past five years with apps designed to meet unique business needs and support daily tasks and processes as they increasingly move online.
A SQL injection flaw allows an attacker to modify or inject SQL syntax into the request to make the application behave in a manner that was not initially intended. In other words, an attacker can change a database query to: Now, with almost all web applications integrating with databases in some way, this flaw has the potential to arise often. However, many frameworks and libraries are available to make database connections and queries safe.
Cloud-based Kubernetes applications have become the standard for modernizing workloads, but their multi-layered design can easily create numerous entry points for unauthorized activity. To protect your applications from these threats, you need security controls at each layer of your Kubernetes infrastructure.
Today, we announced our entrance into the Static Application Security Testing (SAST) market. It’s a significant development for WhiteSource, which has until now been solely focused on open source software security. In this post, I explain why we decided to make this move beyond open source into proprietary code security, and the value it will bring to developers, security teams, and their organizations.
Before we jump into definitions, let’s quickly level set on how we got here. Over the last few years, the way we build software has changed drastically. With the increasing need to move faster and release more frequently, organizations are opting to get rid of monolithic architectures and adopt a microservices architecture for greater agility, resiliency, and efficiency.