Deepfactor Release 3.3 Overview In Release 3.3 of Deepfactor Developer Security, we have made significant enhancements to the platform's artifact scanner and runtime correlation to help users prioritize SCA findings.…
Another August, another Hacker Summer Camp. The annual gathering of 25,000 like-minded hackers and security enthusiasts descended on Vegas for a week of get togethers, talks, and parties. This year…
Zenbleed (CVE-2023-20593) was announced today. This is a vulnerability affecting AMD processors based on the Zen2 microarchitecture (certain EPYC CPUs used in datacenter servers and Ryzen/Threadripper CPUs used in desktop/laptop…
CVE-2023-38408, discovered by the Qualys Threat Research Unit (TRU), describes an RCE (remote code execution) vulnerability made possible by an unwanted interaction between OpenSSH’s ssh-agent executable, the dlopen() and dlclose()…
In preparation for the June 11th deadline of President Biden’s Executive Order (EO) on Improving the Nation’s Cybersecurity, Deepfactor has focused on educating customers about the importance of accurately and…
Modern applications rely on open source and third-party software for a majority of their code base. Many of those software building blocks come with vulnerabilities and license risks that organizations…
With the June 2023 Supply Chain Security executive order looming, Deepfactor 3.2 introduces important SCA, SBOM, and runtime security enhancements designed to help customers reduce risk, improve supply chain security,…
In the past couple of years in my technical product role here at Deepfactor, I have had several meetings with VPs and directors of security from large, global organizations in…
When Deepfactor was launched in September 2020, the market was [being] upended by technical innovations in containerization (i.e. K8s), software delivery (i.e. CI/CD), and security (i.e. more on that below).…
By Guest Author Teja Myneedu, Director—Product Security Engineering and Research, TripActions OpenSSL is a commonly used cryptographic toolkit widely used for SSL/TLS across web-based applications. The OpenSSL project routinely releases bug…
By Guest Author Teja Myneedu, Director—Product Security Engineering and Research, TripActions Following the Log4Shell exploit discovered in Java logging library Log4j in December 2021, it is the latest trend to…
Deepfactor Developer Security 3.0 Adds Real-Time DevSecOps Insights with Intuitive Developer Friendly User Experience Deepfactor Developer Security 3.0 includes significant architectural changes to improve the product experience for developers, AppSec…
