In the News

GitHub Desktop 3.0 introduces tools that make it easier for software developers to stay up to date with code changes. Some developers, though, are calling for more features.

Jeff brings more than 20 years of security leadership experience as Co-Founder and Chief Technology Officer of Contrast. 

Steve Wilson is the Chief Product Officer at Contrast Security, with over 25 years of experience developing and marketing products at multi-billion-dollar technology companies such as Citrix, Oracle, and Sun Microsystems.

Every AppSec leader recognizes and admits that software development is accelerating, and there’s no way their current approach is going to keep up.

In 2019, I wrote a post detailing the traits of DevSecOps—the practice can be defined as the process of security automation in which IT and security are more de-siloed.

Logj4Shell brought a lot of misery, the newly discovered SpringShell vulnerability, not to be confused with the totally different Spring Shell project, may bring as much or even more. Here’s why.

More and more functionality, from security to cost management, is now packed into DevOps pipelines -- but if done improperly, "shift left" can create more problems than it solves.

A newly-discovered zero-day vulnerability known as Spring4Shell could have “a larger impact” than Log4j.

Earlier this week, experts released details on a remote code execution (RCE) vulnerability affecting the Spring Framework. 

Security teams around the world got another shock on Thursday when news of disclosure of a PoC for an unauthenticated RCE zero-day vulnerability in Spring Core.