Time to market is a key indicator today of business success, and anything that impedes a business’ ability to move fast needs to be addressed. While there have been a number of efforts to automate and integrate security into the application development process, it continues to be a hindrance to many organizations. Organizations are still … continue reading
Making security easy for developers, in their preferred tools, while still generating reports for the CISO is a challenge many organizations face today, when the reality is that late-stage security approaches can’t plug vulnerabilities deep within applications. Yet putting the onus squarely on developers is a gamble, as many aren’t knowledgeable about certain kinds of … continue reading
GitLab.com has announced that it is changing its content delivery network to Cloudflare. Currently, they are using Fastly to serve content, but switching to Cloudflare will allow them to have a single vendor for CDN, WAF, and DDoS protection. According to GitLab, this will only affect some GitLab.com users, not GitLab self-managed users. Affected users … continue reading
The security aspect of DevOps is evolving as new data found a new wave of engineering-led software security efforts originating bottom-up in the development and operations teams rather than top-down from a centralized software security group (SSG). Software security initiatives (SSIs) have identified a number of individuals (often developers, testers, and architects) who are invested … continue reading
Today’s companies must become software companies to keep pace with competitive pressures and customer demands. As organizations become increasingly software-enabled, their footprints are extending out to cloud environments and the Internet of Things (IoT), increasing application complexity and the associated risks. With Synopsys, software teams can avoid the usual trade-offs between faster time-to-market imperatives, security … continue reading
Aqua Security enables enterprises to secure their container and cloud-native applications from development to production, accelerating application deployment and bridging the gap between DevOps and IT security. The Aqua Container Security Platform protects applications running on-premises or in the cloud, across a broad range of platform technologies, orchestrators and cloud providers. Aqua secures the entire … continue reading
As teams are pressured to release software more rapidly, more and more aspects of software development are being forced to “shift left,” moving up earlier in the development lifecycle. Because of the speed in which code is updated and delivered, security can no longer be thought of as an afterthought, said Rani Osnat, VP of … continue reading
Google has announced new changes to the WearOS by Google developer preview. According to the company, battery life has been a major focus area. After reviewing developer feedback, the company found users were unhappy with the disabling of alarms and jobs for background apps. As a result, Google is reversing the change and will be … continue reading
Synopsys is continuing on with Black Duck’s tradition of naming Open Source Rookies of the Year. The decade-long tradition was established by Black Duck and designed to recognized the latest and greatest open-source projects. Synopsys announced it had acquired Black Duck Software in December of last year. The Open Source Rookies represent the top open … continue reading
Synopsys officially announced the acquisition of Black Duck Software this week. The companies first entered into an agreement that would enable Synopsys to acquire Black Duck early last month. According to Synopsys, the acquisition of Black Duck will help provide its customers with visibility into open source software. Black Duck provides automated solutions that detect … continue reading
Synopsys and Black Duck Software have signed an agreement that will allow Synopsys to acquire Black Duck for approximately $565 million. Black Duck is known for its open source security and license management solutions. The acquisition is expected to close in December of this year. The transaction will be subject to Hart Scott Rodino regulatory … continue reading
Electronic design automation company Synopsys released the findings of its 2017 Coverity Scan Report, which shows an increased of “project maturity” in the over 4,600 open source software projects analyzed based on certain secure development strategies. The 20-page report outlines Synopsys’s method of gathering user-submitted projects, encompassing approximately 760 million lines of code, and analyzing … continue reading
