featureThe CSO guide to top security conferencesTracking postponements, cancellations, and conferences gone virtual — CSO Online’s calendar of upcoming security conferences makes it easy to find the events that matter the most to you.By CSO Staff30 Aug 20248 minsTechnology IndustryIT SkillsEvents news analysis Python GitHub token leak shows binary files can burn developers tooBy Lucian Constantin11 Jul 20245 minsDevSecOpsApplication SecuritySoftware Developmentfeature Software supply chain still dangerous despite a slew of effortsBy Cynthia Brumfield10 Jul 202410 minsCloud SecuritySecurity PracticesSupply Chain news analysisWindows path conversion weirdness enables unprivileged rootkit behaviorBy Lucian Constantin 19 Apr 20245 minsWindows SecurityThreat and Vulnerability ManagementVulnerabilities featureOWASP Top 10 OSS Risks: A guide to better open source securityBy Chris Hughes 11 Apr 202411 minsThreat and Vulnerability ManagementVulnerabilitiesOpen Source news analysisDangerous XZ Utils backdoor was the result of years-long supply chain compromise effortBy Lucian Constantin 02 Apr 202410 minsData and Information SecuritySupply ChainVulnerabilities newsMajority of commercial codebases contain high-risk open-source codeBy Grant Gross 29 Feb 20244 minsSecurity AuditsOpen SourceSoftware Development featureRoundup: Global software supply chain security guidance and regulationsBy Chris Hughes 08 Jan 20248 minsGovernmentSupply ChainSecurity Practices newsAlmost all developers are using AI despite security concerns, survey suggestsBy John P. Mello Jr. 29 Nov 20234 minsDevelopment ToolsSecurity PracticesSupply Chain ArticlesfeatureNIST provides solid guidance on software supply chain security in DevSecOps Key recommendations from the NIST’s latest guidance and why they are relevant to modern organizations developing and delivering software.By Chris Hughes 19 Oct 2023 9 minsDevSecOpsSupply ChainSecurity PracticesfeatureHow CISOs can shift from application security to product securityProduct security teams are becoming more popular for the in-depth security approach they take when compared to appsec teams. But there is more to it, which includes creating a security-conscious culture.By Ericka Chickowski 30 Aug 2023 10 minsApplication SecuritySoftware DevelopmentnewsArnica’s real-time, code-risk scanning tools aim to secure supply chainArnica adds new software supply chain security capabilities delivered through real-time code risk management tools.By Shweta Sharma 16 May 2023 4 minsDevSecOpsSupply ChainSoftware DevelopmentnewsGitGuardian’s honeytokens in codebase to fish out DevOps intrusionGitGuardian honeytokens are decoy scripts designed to lure out attackers looking to target critical DevOps environments and enterprise secrets. By Shweta Sharma 11 Apr 2023 4 minsIntrusion Detection SoftwareSoftware DevelopmentnewsUK data regulator issues warning over generative AI data protection concernsThe UK's Information Commission’s Office reminds organizations that data protection laws still apply to unfiltered data used to train large language models.By Charlotte Trueman 04 Apr 2023 3 minsData PrivacyGenerative AIArtificial Intelligencefeature23 DevSecOps tools for baking security into the development processCatch and remediate application vulnerabilities earlier and help integrate security in the the development process with these five categories of DevSecOps tools.By James Martin and George V. Hulme 09 May 2022 8 minsApplication SecuritySecuritySoftware DevelopmentnewsChainguard launches native Kubernetes compliance software EnforceChainguard’s Enforce is designed to help developers define and enact policies for container images to enable safer deployment. By Shweta Sharma 27 Apr 2022 3 minsApplication SecuritySoftware Developmentnews analysisGitHub makes Advisory Database public to improve software supply chain securityResearchers, academics, and enthusiasts can now contribute to and benefit from free, open-source security data on software supply chain vulnerabilities.By Michael Hill 22 Feb 2022 3 minsDevSecOpsSoftware Developmentnews analysisNPM JavaScript registry suffers massive influx of malware, report saysThe NPM JavaScript registry has experienced a jump in malware, including packages related to data theft, crypto mining, botnets, and remote code execution, according to security company WhiteSource.By Shweta Sharma 03 Feb 2022 5 minsSecuritySoftware DevelopmentfeatureTop 10 in-demand cybersecurity skills for 2021The list of needed security skills is long and growing. Here's what experts say is driving the demand.By Mary K. Pratt 15 Dec 2020 9 minsIT SkillsRisk ManagementCareersfeatureHow secure are your AI and machine learning projects?Artificial intelligence and machine learning bring new vulnerabilities along with their benefits. Here's how several companies have minimized their risk.By Maria Korolov 26 Nov 2020 14 minsApplication SecurityData and Information SecuritySecurityfeature4 best practices to avoid vulnerabilities in open-source codeOpen-source code in public repositories might contain malware or unintentional vulnerabilities. Here's how to best manage finding and mitigating potential problems.By Ax Sharma 13 Aug 2020 7 minsApplication SecurityOpen SourceSecurity Show more Show less View all Resources whitepaper Real-Time, All the Time: Fuelling AI success through a continuous data stream With AI dominating conversations everywhere, practitioners and executives are seeking answers: How to succeed with GenAI? Delivering on AI initiatives requires the right strategy, platform and data stack. The post Real-Time, All the Time: Fuelling AI success through a continuous data stream appeared first on Whitepaper Repository –. By StreamSets 26 Aug 2024Artificial IntelligenceData and Information SecurityData Management whitepaper 2023 GigaOm Radar Report on Autonomous Security Operation Center (SOC) Solutions [XSIAM] By Palo Alto Networks 11 Jul 2024Artificial IntelligenceSecuritySecurity Software whitepaper XSIAM E-Book: Machine-Led, Human-Empowered Platform By Palo Alto Networks 11 Jul 2024SecuritySecurity InfrastructureSecurity Operations Center View all Video on demand videoHow to code an interactive shiny app to search Twitter: Do More With R bonus videoLearn how to turn code from Episode 41 into an interactive shiny Web app. 25 Jan 2020 16 minsAnalyticsSoftware Development AI and machine learning in action 22 Jan 2020 24 minsSoftware Development How to boost R Markdown interactivity with runtime Shiny 10 May 2019 13 minsJavaR LanguageSoftware Development How to use tidy eval in R 22 Mar 2019 8 minsR LanguageFunctions as a ServiceAnalytics See all videos Explore a topic Application Security Business Continuity Business Operations Careers Cloud Security Compliance Critical Infrastructure Cybercrime Identity and Access Management Industry IT Leadership Network Security Physical Security Privacy View all topics All topics Close Application Security Business Continuity Business Operations Careers Cloud Security Compliance Critical Infrastructure Cybercrime Identity and Access Management Industry IT Leadership Network Security Physical Security Privacy Risk Management Security Security Infrastructure Vulnerabilities Generative AI Show me morePopularArticlesPodcastsVideos feature How to ensure cybersecurity strategies align with the company’s risk tolerance By Rosalyn Page 03 Sep 202410 mins CSO and CISORisk Management news North Korean hackers actively exploited a critical Chromium zero-day By Shweta Sharma 02 Sep 20243 mins Zero-day vulnerability feature Ransomware recovery: 8 steps to successfully restore from backup By Maria Korolov 02 Sep 202417 mins RansomwareMalwareBackup and Recovery podcast CSO Executive Sessions: Guardians of the Games – How to keep the Olympics and other major events cyber safe 07 Aug 202417 mins CSO and CISO podcast CSO Executive Session India with Dr Susil Kumar Meher, Head Health IT, AIIMS (New Delhi) 17 Jul 202417 mins CSO and CISO podcast CSO Executive Session India with Charanjit Bhatia, Head of Cybersecurity, COE, Bata Brands 08 Jul 202418 mins CSO and CISO video CSO Executive Sessions: Guardians of the Games – How to keep the Olympics and other major events cyber safe 07 Aug 202417 mins RansomwareZero TrustCloud Security video CSO Executive Session India with Dr Susil Kumar Meher, Head Health IT, AIIMS (New Delhi) 17 Jul 202417 mins CSO and CISO video Cybersecurity Insights for Tech Leaders: Addressing Dynamic Threats and AI Risks with Resilience 10 Jul 202424 mins CSO and CISO