BluBracket Uncovers Trojan Source Unicode (Bidirectional Algorithm) Vulnerabilities

In this era of fast code deployment and non-stop design-to-deploy, systemic code vulnerabilities can end up being devastating because of the speed at which code is shared via git repositories. The shift left movement has made developers aware of cybersecurity hygiene and best practices. This same movement has sought to give developers more responsibility and […]

Securing Open Source Code with the Linux Foundation

Today we are pleased to announce an important step in our mission to secure code. We have donated a sizable contribution to the LFx security module at the Linux Foundation so it now includes automatic scanning for secrets-in-code and non-inclusive language. Our contribution was announced on stage at the Linux Foundation Member Summit today in […]

So Many Repos, So Little Time: Speeding Up Deployments Securely

As we entered 2020, digital transformation was already gathering steam. Once Covid-19 spread, workers went remote and e-commerce and business-to-business transactions went predominantly online. This propelled digital transformation into a raging inferno that led to unprecedented pressure on developer pipelines from incessant business demands for new code functionality and faster updates. Around the same time […]

Why Organizations Today Need a Risk-Based Approach to Code Security

We salute October as National Cybersecurity Awareness Month As we salute the national cybersecurity awareness month, we also want to recognize the ongoing increase in application-based software supply chain attacks. The process to deliver security and protection during software development cycles are disjointed, leading to gaps, vulnerabilities and lots of false positive alerts. This is why […]

Secure Your Software Supply Chain in 4 Easy Steps

The now infamous SolarWinds hack is the largest cybersecurity attack in history leaving hundreds of millions at risk, and unfortunately there are signs that the wave of copycat crimes are already underway. The culprits perpetrating these breaches attack what is now widely acknowledged as the most vulnerable and least protected cybersecurity attack surface within enterprises: […]