Dark Reading

Managing Software Risk in a World of Exploding Vulnerabilities

It's a perfect storm: The cost of a data breach is rising, known cyberattacks are becoming more frequent, security expertise is in short supply, and the demand for connectedness — to deliver and act ...

NIST is rethinking its role in analyzing software vulnerabilities

As the agency’s vulnerability database buckles under a flood of submissions, it’s planning to shift some responsibilities to other parties.
Bleeping Computer

CISA urges software devs to weed out XSS vulnerabilities

CISA and the FBI urged technology manufacturing companies to review their software and ensure that future releases are free of cross-site scripting vulnerabilities before shipping. The two federal ...
CSO Online

Ivanti patches two actively exploited critical vulnerabilities in EPMM

The code injection flaws allow for unauthenticated remote code execution on Ivanti Endpoint Manager Mobile deployments, but ...
Infosecurity-magazine.com

CISA Warns of Critical Software Vulnerabilities in Industrial Devices

The US Cybersecurity and Infrastructure Security Agency (CISA) has urged manufacturing companies to apply mitigations after one Rockwell Automation and several Mitsubishi systems were found to be ...
SiliconANGLE

NetRise updates platform to help teams prioritize real-world software vulnerabilities

Software supply chain startup NetRise Inc. today announced a major update to its platform aimed at improving how organizations identify and manage vulnerabilities in the software running on devices ...
Seeking Alpha

Software Vulnerabilities Are on the Decline, According to New Synopsys Research

SUNNYVALE, Calif., Nov. 14, 2023 /PRNewswire/ -- Synopsys, Inc. (SNPS) (Nasdaq: SNPS) today published the 2023 Software Vulnerability Snapshot report. According to the data, analyzed by Synopsys ...
Dark Reading

Vulnerabilities, AI Compete for Software Developers' Attention

Less than two years after the general release of ChatGPT, most software developers have adopted AI assistants for programming. That's boosting efficiency, but at the same time, it's led to a higher ...
CSOonline

Companies are drowning in high-risk software security debt — and the breach outlook is getting worse

Unresolved security debt is leaving organizations at greater risk of security breaches as fix times grow longer and the software ecosystem increasingly complexifies. Organizations are taking longer to ...
The Hacker News

CISA Updates KEV Catalog with Four Actively Exploited Software Vulnerabilities

CISA added four actively exploited vulnerabilities to its KEV catalog, urging U.S. federal agencies to apply fixes by ...
Business Wire

Symbiotic Security Delivers Update that Provides Greater Visibility into Software Vulnerabilities for Easier Remediation in the Coding Process

NEW YORK--(BUSINESS WIRE)--Symbiotic Security, the leader in real-time security for software development, today announced significant updates to its application and integrated development environment ...
Computer Weekly

Microsoft expands bug bounty scheme to include third-party software

Microsoft is to expand its bug bounty scheme to reward people for finding high-risk security vulnerabilities that could impact the security of Microsoft’s online services. The company is extending its ...