FEATURED ARTICLES

Topic Spotlight

LATEST FROM DEVOPS.COM

GitHub Brings 2FA to JavaScript Package Manager

GitHub has made generally available a two-factor authentication tool for the package manager for JavaScript applications maintained by its NPM, Inc. arm. In addition, all npm packages have been re-signed and there is now an npm command line interface (CLI) command to audit package integrity. Finally, GitHub has added the ability to connect GitHub and […] The post GitHub Brings 2FA to JavaScript Package Manager appeared first on DevOps.com. [...]

CREST Defines Quality Verification Standard for AppSec Testing

At the Black Hat USA 2022 conference, CREST today shared a quality assurance verification standard to improve application security testing. The standard is based on the open source framework defined by the Open Web Application Security Project (OWASP). Tom Brennan, executive director for Americas at CREST, said the OWASP Verification Standard (OVS) measures an organization’s […] The post CREST Defines Quality Verification Standard for AppSec Testing appeared first on DevOps.com. [...]

IBM Unveils Simulation Tool for Attacking SCM Platforms

At the Black Hat USA 2022 conference, IBM today revealed it is making available a toolkit for launching simulated attacks against source code management (SCM) platforms. The toolkit was launched as a proof-of-concept. Brett Hawkins, head of adversary simulation for the X-Force Red arm of IBM Security, said the SCMKit takes advantage of the REST […] The post IBM Unveils Simulation Tool for Attacking SCM Platforms appeared first on DevOps.com. [...]