FBI patches Exchange server backdoors
IcedID looks to fill the Emotet malware void
Draft plan to improve US power grid security
Thanks to our episode sponsor, Sonatype
Ask any software developer, and they’ll tell you the truth about two things:
1. Conventional code analysis and appsec tools are noisy and not well integrated into the dev workflow.
2. Tools that don’t actually make life easier for them just add friction and are ignored.
Rather than slowing devs down with process-heavy security gates or circuitous quality alerts, Sonatype believes developers are better served by gentle, timely, and effective nudges that actually help them improve the quality and security of the applications they are building.