SOFTWARE SECURITY
Fusion Connect | July 22, 2022
Fusion Connect, a leading provider of managed security and collaboration services, has launched a comprehensive security offering with a new endpoint management and security service that allows businesses to identify, control, and secure devices and applications at a time when security threats continue to disrupt companies globally.
The new portfolio enables organizations to better understand the complete picture of their security risks and take action to mitigate them. Fusion Connect provides a complete solution that secures against threats while also hunting for unknown vulnerabilities that can upend a business from managing network components with advanced edge security for unified threat management (UTM) and remote access VPN to device level management.
Additionally, the new portfolio helps organizations to improve reaction time to threats by connecting and securing any element in the organization's environment. The centralized platform enables enterprises to take swift action by providing a wide range of capabilities to improve IT efficiency and security hygiene.
Fusion Connect's enhanced security measures come at a time when a massive talent shortage persists globally. According to (ISC)², the size of the cybersecurity workforce is 65% below what it needs to be.
"Heavier workloads, unfilled positions, and security employee burnout are making things especially chaotic in cybersecurity. "With cyberattacks becoming more common, more sophisticated, and more costly, businesses need to quickly fill gaps and stop just simply firefighting. Using artificial intelligence and strategic managed services partners are ways to ensure organizations are protected and can mitigate threats before the attack occurs. And that's what our latest offering addresses."
Ken Morford, Vice President of Security at Fusion Connect
Fusion Connect plans to continue expanding its comprehensive security portfolio to empower CISOs to gain the control, visibility, and speed needed to thwart cyber threats and keep their networks and organizations secure.
About Fusion Connect
Fusion Connect manages, orchestrates, and secures the critical technology infrastructure that enables the connected enterprise. We tailor our highly available and secure cloud communication, collaboration, security, and network management platforms to meet the unique needs of our mid-market and enterprise customers. Our AI-based management systems, along with our highly skilled technicians, dynamically ensure world-class application performance under any conditions.
Read More
DATA SECURITY,PLATFORM SECURITY,SOFTWARE SECURITY
Security Compass | August 26, 2022
Security Compass, a leading cybersecurity solution provider, has published the results of a research study examining developer views on application security, including the challenges and opportunities they face in their secure development efforts. The report, “2022 Developer Perspectives on Application Security,” provides a deep dive into security maturity, threats, requirements, tools, resources, and training.
In order for software developers and security teams to effectively collaborate and ensure that a company’s software products are secure, developers need automated, current, relevant, and actionable JITT training embedded into their development tools and processes. Security Compass’ research found that while most developers believe their enterprise has a mature security posture, almost half find it challenging to stay up to date with current security and compliance-related activities. The “2022 Developer Perspectives on Application Security” study raises awareness about how automation can solve many challenges for developers in secure application development.
Key takeaways from the study include:
The number one most important means to thwarting security threats according to developers is automated threat modeling (46% claiming it was “mission critical” and another 36% indicating it was “quite important”).
42% of developers who have been assigned requirements related to security and compliance find it challenging to stay up to date with current security and compliance-related activities.
28% of respondents claim that scope “creep” in security compounds challenges, with another 19% believing that security processes take too much time.
Overall, developers are in favor of security training, with 32% of developers opting to pursue training on their own (63% of respondents reported being mandated to do training).
Developers from smaller companies ($10M to $100M) were more than twice as likely (31% vs. 14%) as those from the largest companies ($5B+) to use ad hoc or reactive means to “gate-keep” releases from a security perspective.
On average, 34% of software requirements are related in some way to security and compliance, yet only 25% of companies have shifted security left into the Design Stage of software development.
“When building secure software, developers must be system thinkers. Ideally, they engage secure methods early in the design process, engage with key security personnel and stakeholders and insist on automated cybersecurity tools that efficiently guide them throughout the SDLC," said Rohit Sethi, CEO of Security Compass. “Software built with the needs of software developers at the forefront is essential to the task of cybersecurity, and companies that want to attract and support developers in their efforts to build cyber-resilient software need to look to integrated cybersecurity software. This is reinforced by Security Compass’ study that software that provides just-in-time training (JITT) and guidelines for software developers is essential for accomplishing these goals.”
For more information about the adoption of security and compliance processes by developers across organizations of various sizes, download the full “2022 Developer Perspectives on Application Security” study.
About the Survey
Security Compass commissioned Golfdale Consulting to conduct this survey research project. The survey was conducted in Q2 2022 and was based on 250 respondents from the US and UK markets working in companies ranging from $10 million to $10 billion in size. Half of the developers surveyed worked for technology companies, while the other half came from enterprises ranging from manufacturing to insurance . Respondent roles included a mix of developers from software development/DevOps (62%), IT infrastructure and back office (22%) and cyber/information security (14%).
About Security Compass
Security Compass, a pioneer in application security, enables organizations to shift left and build secure applications by design, integrated directly with existing DevSecOps tools and workflows. Its flagship product, SD Elements, helps organizations accelerate software time to market and reduce cyber risks by taking an automated, developer-centric approach to threat modeling, secure development, and compliance. Security Compass is the trusted solution provider to leading financial and technology organizations, the U.S. Department of Defense, government agencies, and renowned global brands across multiple industries.
Read More
DATA SECURITY,PLATFORM SECURITY,SOFTWARE SECURITY
Copado | September 01, 2022
Copado, the global leader in low-code DevOps, today announced it launched a new DevSecOps training module to help make software releases faster and more secure. The new module is available in the Copado Community, where its 55,000 members can learn, connect and grow their careers. Copado has already trained more than 35,000 DevOps specialists and certified more than 20,000 DevOps professionals with a goal to train 15,000 more by the end of 2022.
Research has shown that 70% of development teams lack the knowledge and skills needed to implement DevSecOps best practices.
"Without DevSecOps best practices, software releases can be plagued with quality and security issues, costing more time and money post-production to correct them. "To address this growing need for DevSecOps skill sets, Copado is offering self-paced online training to upskill DevOps professionals, administrators, developers and architects. Our community can help jumpstart a new career path or level up your current path by unlocking your full potential."
Pat McQueen, Senior Vice President of Customer Success & Global Services at Copado
The DevSecOps module is designed to help make release cycles shorter, more secure and resilient. It explains how to integrate compliance, security and testing in a DevOps pipeline in order to avoid cybersecurity architects manually maintaining the security consoles and additional configurations in the application. It highlights the importance of security and compliance for an organization, identifies DevSecOps best practices, and explains how to build a successful DevSecOps strategy and culture.
Copado also joined industry leaders Accenture, Broadcom, IBM and others in the new OASIS Open Value Stream Management (VSM) Interoperability Technical Committee. The group will develop new interoperability standards to enable VSM data sharing across platforms.
"DevOps and DevSecOps are extremely fractured markets when it comes to tools: there are literally thousands of products that are involved in building resilient pipelines," said Daniel Riedel, Senior Vice President of Strategic Services for Copado. "As the industry matures, value stream management will help bring observability to the process. Creating an interoperability standard now will ensure that organizations can rely on cohesiveness in tool integration. Interoperability will provide the transparency to ensure a stronger, more resilient infrastructure for customers and employees."
About Copado
Copado is the leading DevOps and testing solution for low-code SaaS platforms that run the world's largest digital transformations. Backed by Insight Partners, Salesforce Ventures and SoftBank Vision Fund, Copado accelerates multi-cloud, enterprise deployments by automating the end-to-end software delivery process to maximize customers' return on their cloud investment. More than 1,000 companies rely on Copado to drive digital transformation with speed, quality and value including Boston Scientific, Coca-Cola, Fair Trade, Linde, MassMutual, Schneider Electric and Shell. Copado processes over 50 million DevOps transactions per month and is rated with a 100% score on the Salesforce AppExchange.
Read More