CVE-2023-25828 vulnerability; history, mitigation analysis, and everything you need to know about the remote code execution (RCE) vulnerability in Pluck CMS.

Synopsys Cybersecurity Research Center discovers new RCE vulnerability and cross-site scripting vulnerability in OpenTSDB.

Software due diligence is crucial in M&A, but to approach it strategically you must understand its key considerations and risks. Mergers and acquisitions (M&As) can be a great way for companies to expand their offerings and market share. One of the biggest risk areas for M&A in tech deals is software plagued with vulnerabilities or that contains open source license compliance issues.

The previous blog post in this series presented an introduction to secure software development for modern vehicles. In this blog post, we will do a deep dive on connected and autonomous vehicles (AVs) and focus on fuzz testing.

With the continued move to the cloud, cloud detection and response helps security teams defend their cloud applications and infrastructure.

CISA’s draft self-attestation form, published today, is a step in the right direction in demystifying EO 14028 compliance. It’s finally happened. For everyone who has been trying to figure out how to comply with President Biden’s Executive Order on Cybersecurity (EO 14028), you now have the answer—sort of.

Polaris Software Integrity Platform® – your application security testing system that can do both SAST and SCA, fast. Digitalization is speeding up business cycles across all industry sectors, so no matter what business you’re in, you need to keep up.

You should consider the following tips, tricks and best practices to help improve your supply chain security in the cloud. The cloud has revolutionized the way businesses operate, providing a scalable and cost-effective solution for storing, processing, and sharing data. However, with this growth has come new security concerns, particularly around the cloud software supply chain.

Yes, AI chatbots can write code very fast, but you still need human oversight and security testing in your AppSec program. Chatbots are taking the tech world and the rest of the world by storm—for good reason. Artificial intelligence (AI) large language model (LLM) tools can write things in seconds that would take humans hours or days—everything from research papers to poems to press releases, and yes, to computer code in multiple programming languages.

Digitalization means you need to build more complex software than ever before – the Polaris Software Integrity Platform® can help. Whether you’re building software to run your business or selling software to other businesses, you’re relying on technologies like cloud computing, continuous integration/continuous deployment (CI/CD), microservices, and APIs to enable speed and agility in application development.