Analysis of 25,000 applications reveals 6.8% of packages/components used
included known defects. Organizations standardizing on components between 2 -
3 years of age can decrease defect rates substantially.
Open source and third-party packages/components live at the heart of high
velocity software development organizations. Today, an average of 106
packages / components comprise 80 - 90% of a modern application, yet few
organizations have visibility into what components are used where.
Use of known defective components leads to quality and security issues within
applications. While developers save tremendous amounts of time by sourcing
software components from outside their organizations, they often don't have
time to check those component versions against known vulnerability databases
or internal policies.
In Sonatype's 2016 State of the Software Supply Chain repor...
Phishing has been around since the dawn of the internet. The term was first
used in an AOL Usenet group back in 1996, but it wasn’t until 2003 that many
baited hooks and lures started dropping. Popular transaction destinations
like PayPal and eBay were some of the early victims of these spoofed sites
asking customers to update their personal and credit card information. By
2004, it was a full-fledged ‘get rich quick scheme’ with many financial
institutions – and their customers – as targets.
Oxford Dictionary defines Phishing as, ‘The fraudulent practice of sending
emails purpor...
Enabling patient-doctor trust goes a long way in a provider's ability to
provide care. Trust is also critical for enabling network connections that
are safe, to help secure health networks.
The healthcare industry is scrambling to shore up defenses as cyberattacks
and breaches increase. The rapid adoption of electronic health
records/electronic medical records (EHR/EMR) has created an attractive
opportunity for cyber criminals. Ponemon Research recently reported that
breach costs are $363 for each stolen healthcare record, and that is the
highest across all vertical markets.
SYS-CON Events announced today that Secure Channels will exhibit at the 19th
International Cloud Expo, which will take place on November 1-3, 2016, at the
Santa Clara Convention Center in Santa Clara, CA.
The bedrock of Secure Channels Technology is a uniquely modified and enhanced
process based on superencipherment. Superencipherment is the process of
encrypting an already encrypted message one or more times, either using the
same or a different algorithm.
For more information, visit http://www.securechannels.com.
@ThingsExpo - The World's Largest 'Internet of Things' Event, No...
Does a Content Delivery Network (CDN) protect against Distributed Denial of
Service (DDoS) attacks? It's a good question. A CDN by its very nature will
absorb DDoS attacks for the content that it serves and this could be
considered protection but, as is often the case, this is only the beginning
of the story.
If we consider what is actually going on here, the CDN isn't actually
‘blocking’ the DDoS attack - it is simply reducing its impact by throwing
more resources at the problem. This means that the size of the DDoS attack a
CDN can deal with is inherently dependent on the size...
It was a Monday. I was reading the Internet. Okay, I was skimming feeds.
Anyway, I happened across a title that intrigued me, "Stateful Apps and
Containers: Squaring the Circle." It had all the right buzzwords (containers)
and mentioned state, a topic near and dear to this application
networking-oriented gal, so I happily clicked on through.
Turns out that Stateful Apps are not Stateful Apps. Seriously.
To be fair, I should really say that when a devops guy talks about
‘stateful apps’ it is not the same thing as when a netops gal uses the term
‘stateful apps.’ That's because the...