Top 5 Application Security Takeaways from RSA Conference 2022
RSA Conference 2022 was held in San Francisco, June 6-8, 2022. The cybersecurity industry welcomed back RSA 2022 which was held in person at the Moscone Convention Center in San Francisco. Following a one year hiatus due to Covid, the conference was back, stronger and well-timed to address the developments over the recent past. With […]
BluBracket Creates the Most Effective and Complete Code Security Solution to Protect Enterprises from Software Supply Chain Attacks
First code security solution to consolidate both internal and external code risks to protect the software supply chain PALO ALTO, Calif. – (RSA Conference) – June 2, 2022 – BluBracket, the leader in code security for developers and security engineers, announced today that it has enhanced its code security solution to identify and eliminate the […]
BluBracket open-sources secret, PII, and non-inclusive language scanning tools for S3 objects, Confluence wiki pages, and more…
Enormous volumes of data from private repos, internal chats, private S3 buckets, databases, internal docs, and more have all been exposed recently. For us, the problem is clear: the only safe place to hide a secret is in an encrypted vault. Our core product is the market leader in securing internal code supply chains—including eliminating […]
Think Secrets in Code Can’t Hurt You? Think Again.
Leaking secrets is bad, right? Not everyone fully understands the consequences of secrets committed to source code. It’s my aim in this article to prove out what could happen if a secret is leaked to a public repository. On May 9th, I set out to do that and decided to analyze a two week period. […]
BluBracket’s new filtering experience cuts through the noise
When BluBracket launched we were focused on being the best tool to find risks in code and related to code—as we describe it: what’s in your code, who has access, and where it’s going. But our work with companies ranging from nimble five-person startups to enterprises at the top of the fortune 100 has taught […]
BluBracket Joins Forces with Snyk to Secure Software Supply Chains from Source Code Risks
BluBracket to integrate Snyk’s market-leading developer security products into its Code Security Suite to help secure code PALO ALTO — APRIL 27, 2022 — BluBracket, the leader in code security, announced today that it’s joining Snyk’s Technical Alliance Partnership Program as a founding member and will integrate Snyk’s Open Source security product into its Code […]
Your source code is vulnerable, here’s what hackers are looking for
The biggest news of the spring season so far has been of a slap, a hostile takeover bid, a devastating series of source code dumps by a heretofore unknown hacking group, and now a hacked batch of OAuth tokens leading to yet more source code leaks. Of all of those, the source code leaks might […]
The CISO’s Guide to Supply Chain Security
Companies are software factories, pulling in components from upstream projects and also assembling and coding within their own enterprise. Hackers have noticed that code is a ripe target, containing credentials, secrets and valuable IP that can unlock other infrastructure. Today’s CISO’s and security leaders must understand their software supply chain and how to secure it […]
NEWS: Only 14% of developers consider security a top priority
Developers’ top priority is creating value, but code quality—including security—is part of a job done well. Early and automated feedback in the SDLC flow works, according to head of product Casey Bisson in SC Magazine “Developers are responsible for finding a path between technical constraints to meet business goals, and they know the perfect or […]
What kind of security tools should I provide to developers?
Dark Reading features an article from BluBracket’s VP of Product and Developer Relations on how security professionals should help their developers write secure code. One tip: “Use pre-commit hooks to scan for secrets and other code risks before they get into code. A secret in code is a secret told. Blocking secrets at the source […]
