Tag: Code Reviews
-
New CodeGuru Reviewer Features: Detector Library and Security Detectors for Log-Injection Flaws
Amazon CodeGuru Reviewer is a developer tool that leverages machine learning to detect security defects in code (Java and Python) and …
-
Flaws In GitHub Actions Bypass Code Review Mechanism
Researchers at Cider Security have uncovered a security loophole in GitHub Actions that allows adversaries to bypass the required reviews …
-
Automate manual security, risk, and compliance processes in software development
The future of business relies on being digital – but all software deployed needs to be secure and protect privacy. Yet, responsible …
-
Microsoft Application Inspector: Check open source components for unwanted features
Want to know what’s in an open source software component before you use it? Microsoft Application Inspector will tell you what it does …
-
Serious Security: The decade-ending “Y2K bug” that wasn’t
A curious Naked Security reader alerted us to what they thought might be a “Y2K-like bug” in Java’s date handling. The cause of the …
-
SD Times news digest: GitHub acquires Pull Panda, Cloudflare introduces advanced cryptographic library, and Raspberry Pi 4 Model B
…
-
Continuous Security in Agile Development
The word continuous gets thrown around a lot when talking about agile and DevOps. One area that often doesn’t get enough attention is how …
-
Database Script Cripples Salesforce Services
On Friday, May 17th, Salesforce suffered its largest outage in its nearly twenty years as a provider of CRM services. The original outage …
-
Mozilla will use AI coding assistant to preemptively catch Firefox bugs
Mozilla will start using Clever-Commit, an AI coding assistant developed by Ubisoft, to make the Firefox code-writing process more …
-
Secure Code Review Automation
Secure code review is the process of auditing the source code to verify that proper security controls are in place. It’s always better to …
-
How to become a Monero million(th)aire in just 20 minutes [PODCAST]
Naked Security editor-in-chief Anna Brading is back in the presenter’s seat, talking to Mark Stockley, Matthew Boddy and Paul Ducklin …
-
Semmle, startup that makes code searchable, hauls in $21M Series B
Semmle, a startup that originally spun out of research at Oxford, announced a $21 million Series B investment today led by Accel Partners. …