featureThe CSO guide to top security conferencesTracking postponements, cancellations, and conferences gone virtual — CSO Online’s calendar of upcoming security conferences makes it easy to find the events that matter the most to you.By CSO StaffMay 31, 202412 minsTechnology IndustryIT SkillsEvents news analysis Windows path conversion weirdness enables unprivileged rootkit behaviorBy Lucian ConstantinApr 19, 20245 minsWindows SecurityThreat and Vulnerability ManagementVulnerabilitiesfeature OWASP Top 10 OSS Risks: A guide to better open source securityBy Chris HughesApr 11, 202411 minsThreat and Vulnerability ManagementVulnerabilitiesOpen Source news analysisDangerous XZ Utils backdoor was the result of years-long supply chain compromise effortBy Lucian Constantin Apr 02, 202410 minsData and Information SecuritySupply ChainVulnerabilities newsMajority of commercial codebases contain high-risk open-source codeBy Grant Gross Feb 29, 20244 minsSecurity AuditsOpen SourceSoftware Development featureRoundup: Global software supply chain security guidance and regulationsBy Chris Hughes Jan 08, 20248 minsGovernmentSupply ChainSecurity Practices newsAlmost all developers are using AI despite security concerns, survey suggestsBy John P. Mello Jr. Nov 29, 20234 minsDevelopment ToolsSecurity PracticesSupply Chain featureNIST provides solid guidance on software supply chain security in DevSecOps By Chris Hughes Oct 19, 20239 minsDevSecOpsSupply ChainSecurity Practices featureHow CISOs can shift from application security to product securityBy Ericka Chickowski Aug 30, 202310 minsApplication SecuritySoftware Development ArticlesnewsArnica’s real-time, code-risk scanning tools aim to secure supply chainArnica adds new software supply chain security capabilities delivered through real-time code risk management tools.By Shweta Sharma May 16, 2023 4 minsDevSecOpsSupply ChainSoftware DevelopmentnewsGitGuardian’s honeytokens in codebase to fish out DevOps intrusionGitGuardian honeytokens are decoy scripts designed to lure out attackers looking to target critical DevOps environments and enterprise secrets. By Shweta Sharma Apr 11, 2023 4 minsIntrusion Detection SoftwareSoftware DevelopmentnewsUK data regulator issues warning over generative AI data protection concernsThe UK's Information Commission’s Office reminds organizations that data protection laws still apply to unfiltered data used to train large language models.By Charlotte Trueman Apr 04, 2023 3 minsData PrivacyGenerative AIArtificial IntelligencebrandpostSponsored by SynopsysAutomation is the key component of DevSecOps collaboration and optimizationYour journey to DevSecOps excellence starts with automation, focus on these 3 recommendationsBy Taylor Armerding, Security Advocate at Synopsys Software Integrity Group Mar 13, 2023 4 minsDevopsSecuritySoftware DevelopmentbrandpostSponsored by SynopsysPoor software quality can cost time and money, straightforward solutions are availableTop IT leaders get it—if it’s high quality, with security “built-in” throughout development, software can make a business successful.By Taylor Armerding, Security Advocate at Synopsys Software Integrity Group Mar 13, 2023 4 minsDevopsSoftware DevelopmentbrandpostSponsored by SynopsysSoftware risk is business risk—now is the time for C-Suite to actWhile software introduces new ways of doing business, it can also introduce serious new risks. When it comes to digital transformation, don’t let inherit risks stand in the way of the competitive advantage your business seeks. By Jason Schmitt, General Manager, Synopsys Software Integrity Group Mar 13, 2023 4 minsDevopsSoftware DevelopmentfeatureFor one software maker, an SBOM adds value to the productAt Instant Connect, an SBOM has become part of the product offering, says Chief Product Officer Wes Wells.By Mary K. Pratt Jun 15, 2022 7 minsApplication SecurityOpen SourceSecuritybrandpostSponsored by CrowdStrikeHow Shift Left Security Helps Developers Build More Secure Cloud-Native AppsFor your DevOps teams to fully embrace the cloud, security must be at the forefront of their considerations. The good news? DevOps does not have to sacrifice security in order to move faster.By Guilherme (Gui) Alvarenga, Sr. Product Marketing, Cloud Security, CrowdStrike May 25, 2022 3 minsDevopsIT LeadershipSoftware Developmentfeature23 DevSecOps tools for baking security into the development processCatch and remediate application vulnerabilities earlier and help integrate security in the the development process with these five categories of DevSecOps tools.By James Martin and George V. Hulme May 09, 2022 8 minsApplication SecuritySecuritySoftware DevelopmentnewsChainguard launches native Kubernetes compliance software EnforceChainguard’s Enforce is designed to help developers define and enact policies for container images to enable safer deployment. By Shweta Sharma Apr 27, 2022 3 minsApplication SecuritySoftware Developmentnews analysisGitHub makes Advisory Database public to improve software supply chain securityResearchers, academics, and enthusiasts can now contribute to and benefit from free, open-source security data on software supply chain vulnerabilities.By Michael Hill Feb 22, 2022 3 minsDevSecOpsSoftware Developmentnews analysisNPM JavaScript registry suffers massive influx of malware, report saysThe NPM JavaScript registry has experienced a jump in malware, including packages related to data theft, crypto mining, botnets, and remote code execution, according to security company WhiteSource.By Shweta Sharma Feb 03, 2022 5 minsSecuritySoftware Development Show more Show less View all Resources whitepaper NIS2 Compliance: An Identity Security Guidebook Download this eBook today and learn how you can reduce risk, defend against attacks, and streamline compliance initiatives through a comprehensive identity security strategy. The post NIS2 Compliance: An Identity Security Guidebook appeared first on Whitepaper Repository –. By CYBER-ARK SOFTWARE 14 Jun 2024Application Performance ManagementCritical InfrastructureCyberattacks whitepaper The Forrester Wave™: Privileged Identity Management, Q4 2023 By CYBER-ARK SOFTWARE 14 Jun 2024Application Performance ManagementIdentity and Access ManagementIT Management whitepaper Gartner® Magic Quadrant™ for Privileged Access Management By CYBER-ARK SOFTWARE 14 Jun 2024Application Performance ManagementMachine VisionVendor Management View all Video on demand videoHow to code an interactive shiny app to search Twitter: Do More With R bonus videoLearn how to turn code from Episode 41 into an interactive shiny Web app. Jan 25, 2020 16 minsAnalyticsSoftware Development AI and machine learning in action Jan 22, 2020 24 minsSoftware Development How to boost R Markdown interactivity with runtime Shiny May 10, 2019 13 minsJavaR LanguageSoftware Development How to use tidy eval in R Mar 22, 2019 8 minsR LanguageFunctions as a ServiceAnalytics See all videos Explore a topic Application Security Business Continuity Business Operations Careers Cloud Security Compliance Critical Infrastructure Cybercrime Identity and Access Management Industry IT Leadership Network Security Physical Security Privacy View all topics All topics Close Application Security Business Continuity Business Operations Careers Cloud Security Compliance Critical Infrastructure Cybercrime Identity and Access Management Industry IT Leadership Network Security Physical Security Privacy Risk Management Security Security Infrastructure Vulnerabilities Generative AI Show me morePopularArticlesPodcastsVideos brandpost Sponsored by CyberArk The growing threat of identity-related cyberattacks: Insights into the threat landscape By Brandon Traffanstedt, senior director in CyberArk’s Field Technology Office Jun 14, 20246 mins Cybercrime news Microsoft president faces tough questions from Congress on China, security By John Leyden Jun 14, 20244 mins Email SecurityCloud SecuritySecurity feature Deepfakes: Coming soon to a company near you By Grant Gross Jun 14, 20248 mins PhishingCybercrime podcast CSO Executive Sessions India with Hilal Lone, CISO, Razorpay Jun 11, 202429 mins CSO and CISO podcast CSO Executive Sessions: The new realities of the CISO role – whistleblowing and legal liabilities May 28, 202417 mins CSO and CISO podcast CSO Executive Sessions India with Pradipta Kumar Patro, Global CISO and Head IT Platform, KEC International May 22, 202426 mins CSO and CISO video CSO Executive Session India with Hilal Lone, CISO, Razorpay Jun 11, 202429 mins CSO and CISO video CSO Executive Sessions: The new realities of the CISO role – whistleblowing and legal liabilities May 28, 202417 mins CSO and CISO video CSO Executive Sessions India with Pradipta Kumar Patro, Global CISO and Head IT Platform, KEC International May 22, 202426 mins CSO and CISO