Year of the Twin Dragons: Developers Must Slay the Complexity and Security Issues of AI Coding Tools 2025-05-01 at 16:01 By Mike Lennon The advantages AI tools deliver in speed and efficiency are impossible for developers to resist. But the complexity and risk created by AI-generated code can’t be ignored. The post Year of the […]
React to this headline:
Two things you need in place to successfully adopt AI 2025-03-31 at 08:32 By Help Net Security Organizations should not shy away from taking advantage of AI tools, but they need to find the right balance between maximizing efficiency and mitigating organizational risk. They need to put in place: 1. A seamless AI security policy
React to this headline:
Two things you need in place to successfully adopt AI Read More »
Open source worldwide: Critical maintenance gaps exposed 2025-01-07 at 06:31 By Help Net Security Lineaje recently released a report identifying the US and Russia as the leading generators of open-source projects, with both countries also having the highest numbers of anonymous open-source contributions. In this Help Net Security video, Nick Mistry, SVP and CISO of
React to this headline:
Open source worldwide: Critical maintenance gaps exposed Read More »
CISOs don’t invest enough in code security 2025-01-02 at 06:34 By Help Net Security 72% of security leaders agree that the age of AI necessitates a complete reset of how organizations approach application security, according to Cycode. This urgency is reinforced by the fact that 93 billion lines of code were generated in the past
React to this headline:
CISOs don’t invest enough in code security Read More »
Tackling software vulnerabilities with smarter developer strategies 2024-12-13 at 07:03 By Mirko Zorz In this Help Net Security interview, Karl Mattson, CISO at Endor Labs, discusses strategies for enhancing secure software development. Mattson covers how developers can address vulnerabilities in complex systems, ways organizations can better support secure coding practices, and the role of languages
React to this headline:
Tackling software vulnerabilities with smarter developer strategies Read More »
70% of open-source components are poorly or no longer maintained 2024-12-04 at 06:35 By Help Net Security The geographic distribution of open-source contributions introduces geopolitical risks that organizations must urgently consider, especially with rising nation-state attacks, according to Lineaje. Open-source code risks rise with anonymous contributions Microsoft estimates that its customers face 600 million cyberattacks
React to this headline:
70% of open-source components are poorly or no longer maintained Read More »
Transforming code scanning and threat detection with GenAI 2024-11-18 at 07:33 By Mirko Zorz In this Help Net Security interview, Stuart McClure, CEO of Qwiet AI, discusses the evolution of code scanning practices, highlighting the shift from reactive fixes to proactive risk management. McClure also shares his perspective on the future of AI-driven code scanning,
React to this headline:
Transforming code scanning and threat detection with GenAI Read More »
AI learning mechanisms may lead to increase in codebase leaks 2024-11-05 at 06:03 By Help Net Security The proliferation of non-human identities and the complexity of modern application architectures has created significant security challenges, particularly in managing sensitive credentials, according to GitGuardian. Based on a survey of 1,000 IT decision-makers in organizations with over 500
React to this headline:
AI learning mechanisms may lead to increase in codebase leaks Read More »
50% of financial orgs have high-severity security flaws in their apps 2024-11-01 at 08:03 By Help Net Security Security debt, defined for this report as flaws that remain unfixed for longer than a year, exists in 76% of organizations in the financial services sector, with 50% of organizations carrying critical security debt, according to Veracode.
React to this headline:
50% of financial orgs have high-severity security flaws in their apps Read More »
The number of Android memory safety vulnerabilities has tumbled, and here’s why 2024-09-26 at 15:32 By Zeljka Zorz Google’s decision to write new code into Android’s codebase in Rust, a memory-safe programming language, has resulted in a significant drop in memory safety vulnerabilities, despite old code (written in C/C++) not having been rewritten. The number
React to this headline:
The number of Android memory safety vulnerabilities has tumbled, and here’s why Read More »
Security leaders consider banning AI coding due to security risks 2024-09-19 at 06:02 By Help Net Security 92% of security leaders have concerns about the use of AI-generated code within their organization, according to Venafi. Tension between security and developer teams 83% of security leaders say their developers currently use AI to generate code, with
React to this headline:
Security leaders consider banning AI coding due to security risks Read More »
Detecting vulnerable code in software dependencies is more complex than it seems 2024-09-18 at 07:31 By Mirko Zorz In this Help Net Security interview, Henrik Plate, CISSP, security researcher, Endor Labs, discusses the complexities AppSec teams face in identifying vulnerabilities within software dependencies. Plate also discusses the limitations of traditional software composition analysis (SCA) solutions
React to this headline:
Detecting vulnerable code in software dependencies is more complex than it seems Read More »
How to make Infrastructure as Code secure by default 2024-09-13 at 07:46 By Help Net Security Infrastructure as Code (IaC) has become a widely adopted practice in modern DevOps, automating the management and provisioning of technology infrastructure through machine-readable definition files. What can we to do make IaC secure by default? Security workflows for IaC
React to this headline:
How to make Infrastructure as Code secure by default Read More »
Leveraging dynamic configuration for seamless and compliant software changes 2024-07-31 at 06:01 By Mirko Zorz In this Help Net Security interview, Konrad Niemiec, CEO and Founder of Lekko, discusses the benefits of dynamic configuration in preventing system outages and enabling faster response times during incidents. Niemiec explains how dynamic configuration evolves feature flagging, supports operational
React to this headline:
Leveraging dynamic configuration for seamless and compliant software changes Read More »
One-third of dev professionals unfamiliar with secure coding practices 2024-07-19 at 07:01 By Help Net Security Attackers consistently discover and exploit software vulnerabilities, highlighting the increasing importance of robust software security, according to OpenSSF and the Linux Foundation. Despite this, many developers lack the essential knowledge and skills to effectively implement secure software development. Lack
React to this headline:
One-third of dev professionals unfamiliar with secure coding practices Read More »
Maintaining human oversight in AI-enhanced software development 2024-07-03 at 07:31 By Mirko Zorz In this Help Net Security, Martin Reynolds, Field CTO at Harness, discusses how AI can enhance the security of software development and deployment. However, increased reliance on AI-generated code introduces new risks, requiring human oversight and integrated security practices to ensure safe
React to this headline:
Maintaining human oversight in AI-enhanced software development Read More »
Enhancing security through collaboration with the open-source community 2024-06-18 at 07:32 By Mirko Zorz In this Help Net Security interview, Alan DeKok, CEO at NetworkRADIUS, discusses the need for due diligence in selecting and maintaining open-source tools, and brings out the potential risks and benefits of collaborating with the open-source community to enhance software security.
React to this headline:
Enhancing security through collaboration with the open-source community Read More »
Solana devs target April 15 for failed TX fix — it’s ‘not a design flaw’ 2024-04-09 at 06:01 By Cointelegraph by Brayden Lindrea Solana’s percentage of failed non-vote transactions went over 75% last week, and developers are now targeting a fix to be implemented on April 15. This article is an excerpt from Cointelegraph.com News
React to this headline:
Solana devs target April 15 for failed TX fix — it’s ‘not a design flaw’ Read More »
Six steps for security and compliance in AI-enabled low-code/no-code development 2024-04-04 at 08:02 By Help Net Security AI is quickly transforming how individuals create their own apps, copilots, and automations. This is enabling organizations to improve output and increase efficiency—all without adding to the burden of IT and the help desk. But while this transformation
React to this headline:
Six steps for security and compliance in AI-enabled low-code/no-code development Read More »
Using cloud development environments to secure source code 2024-03-21 at 07:01 By Help Net Security In this Help Net Security video, Rob Whiteley, CEO at Coder, discusses the cloud development environment (CDE) technology landscape and its benefits. From the earliest stages of writing code to deploying finalized applications, CDEs are reimagining the developer experience, gaining
React to this headline:
Using cloud development environments to secure source code Read More »