What does it take to make secure software? The Open Source Security Foundation (OpenSSF) has a few ideas (10 of them, in fact). This week at the OpenSSF Day Japan event in Tokyo, the nonprofit group ...

The Cybersecurity and Infrastructure Security Agency is looking for feedback on its “secure by design” white paper, which pushes software manufacturers to follow more stringent security principles in ...

A program manager for the Cybersecurity and Infrastructure Security Agency said ongoing threat vigilance is needed post-implementation of the agency’s Secure by Design framework. Incorporating a ...

It’s no surprise that demand for more secure software is rising and these two approaches claim to outline the best way forward. As cybersecurity professionals, we need to know that the software ...

Makers of software used by the federal government will now be required to affirm that their products are manufactured with secure development practices in mind, filling out a form released Monday by ...

WASHINGTON – The Cybersecurity and Infrastructure Security Agency (CISA), along with 17 U.S. and international partners, published an update to “Shifting the Balance of Cybersecurity Risk: Principles ...

The analysis, conducted by Secure Code Warrior, is supported by former White House cybersecurity officials Kemba Walden and Chris Inglis. Under 4% of software developers across the globe are ...

The Cybersecurity Infrastructure Security Agency is pledging to go "left-of-boom" and surveil artificial intelligence software development practices in a new alert series, which offers lessons to ...

Software that prioritizes security at its most foundational level means designing it with customer security as a key goal rather than a tacked-on feature. And that concept — secure by design — is ...

It is largely recognised among the IT security community that there is a direct correlation between the quality of code – as a percentage of coding errors per thousand lines of code – and cyber ...

At a time when many organizations still struggle to recruit and retain qualified cybersecurity talent, adversaries are moving faster than ever. According to the FortiGuard Labs 2H 2023 Threat ...

Seventeen cybersecurity and defense agencies from different countries joined the U.S. Cybersecurity and Infrastructure Security Agency in updating a guidance on the implementation of secure-by-design ...