April 15, 2021

FBI patches Exchange server backdoors

IcedID looks to fill the Emotet malware void

Draft plan to improve US power grid security

Thanks to our episode sponsor, Sonatype

Ask any software developer, and they’ll tell you the truth about two things: 1. Conventional code analysis and appsec tools are noisy and not well integrated into the dev workflow. 2: Tools that don’t actually make life easier for them just add friction and are ignored. Rather than slowing devs down with process-heavy security gates or circuitous quality alerts, Sonatype believes developers are better served by gentle, timely, and effective nudges that actually help them improve the quality, and security of the applications they are building.