Security Code Reviews Content on InfoQ

News

  • Design and Security in Agile: QCon London Q&A

    Reviews of design diagrams by domain experts can detect potential security breaches not found by vulnerability scans or security automation. Such reviews should focus on critical functions like issuing and managing access tokens, transferring data to external services, and running untrusted code, said Kevin Gilpin, enterprise software engineer and co-founder of AppLand, at QCon London 2019.

  • DevSecOps Grows Up and Finds Itself a Community

    On June 28th, the first DevSecOps Days event came to London following a similar event in San Francisco in April. It kicked off with a welcome address from event founders, Mark Miller and John Willis, who explained that the intention is to replicate the DevOpsDays model and empower communities worldwide to stand up their own events.

  • GitLab Web IDE Goes GA and Open-Source in GitLab 10.7

    GitLab Web IDE, which aims to simplify the workflow of accepting merge requests, is generally available in GitLab 10.7, along with other features intended to improve C++ and Go code security and Kubernetes integration.

  • A Look Back at the Linux Kernel Backdoor

    With all of the recent concern over the US government’s National Security Agency (NSA), some of the attention has turned to the possibility of backdoors. Back in 2003, someone attempted to insert a backdoor into the Linux kernel. Though it was caught, it illustrates how seemingly innocuous changes can introduce vulnerabilities and the importance of traceability in source control.

  • Security Assessment Techniques: Code Review v Pen Testing

    Web application security testing and assessment should include both security code review and penetration testing techniques. Dave Wichers, an OWASP Board Member, spoke at the recent AppSec DC 2010 Conference about the pros and cons of code reviews and penetration testing approaches in finding security vulnerabilities in web applications.
