Parasoft has expanded its API and SAST testing with enhanced OWASP support. The upgrade features penetration testing, which shifts security testing into developer workflows. This shift will address API security issues by identifying vulnerabilities in APIs. The platform integrates Parasoft SOAtest and Smart API Test Generator with OWASP ZAP to build security into development workflows. … continue reading
OpenVSCode provides a version of VS Code that runs on a server on a remote machine and allows access through a modern web browser. It’s based on the same infrastructure used by Gitpod or GitHub Codespaces at scale. According to the project’s GitHub page, in 2019 the VS Code team began refactoring its architecture in … continue reading
Google today announced Google Cloud Deploy, a managed, opinionated continuous delivery service that makes continuous delivery to GKE easier, faster, and more reliable. Deploying container image artifacts into various environments remains a difficult task to many, and there are still no agreed-upon best practices. “Google Cloud Deploy is the product of discussions with more than … continue reading
Just over half of developers feel that security policies stifle their innovation and only about a third of developers reported that they are thoroughly educated on the security procedures they are expected to execute, according to a new report by VMware and Forrester. Forrester conducted a VMware-commissioned survey called “Bridging the Developer and Security Divide” … continue reading
GitLab announced the release of GitLab 14.3 with project-level security scan execution policies, next generation SAST to reduce Ruby false positives, group level permissions for protected environments and group access for the GitLab Kubernetes Agent. The project-level DAST and secret detection scan execution policies allow users to require DAST and secret detection scans to run … continue reading
DevOps has been a talking point in the development space for about a decade, but despite its age, some feel it’s still in its early days. One such person with that belief is Steve Kearns, the vice president of product management at Elastic, who joined SD Times podcast “What the Dev?” to explain his reasoning. … continue reading
Recently, Google added a Cloud Shell integration within each documentation page. This allows users to test code in a virtual machine instance directly from the documentation, cutting down on shifting between the documentation and a terminal window to run commands in a tutorial. Google Shell also comes already installed with common command-line tools, programming languages, … continue reading
Netlify introduced new features, workflow, and automation for enterprises building modern web applications at scale. The new team governance features and Jira integration make it easier for large-scale enterprises to benefit from the Jamstack ecosystem and best practices. The company added a new integration with Jira to accelerate feedback on web projects, and availability of … continue reading
New data shows a direct correlation between resignations, departing employees, and data exposure events. This is of particular interest to organizations currently as companies experience what’s been called “the Great Resignation.” As employees leave their companies, they oftentimes — intentionally or otherwise — take valuable source code, patent applications, and customer lists with them. Code42, … continue reading
Apple announced that users can now easily create custom marketing assets such as banners and images to promote their apps on social media and more. One just needs to select their app, choose a template, customize their design, and add preset messages in multiple languages. The new App Store marketing tools can also be used … continue reading
I’m often asked if and when fully autonomous testing could become a reality. That’s a topic I love to discuss. But, before delving into that, let’s take a closer look at the two words that make up that term. Autonomous, meaning “without human intervention,” is pretty simple. Testing is more difficult because the investigative, inquisitive … continue reading
Wind River has announced that it completed the acquisition of the UI/UX design company Particle Design which brings UI/UX capabilities to the new Wind River Studio offering. Particle Design offers end-to-end UX research services that employ a range of methodologies from ethnographic research to user evaluations and usability testing; its design services include prototyping, interaction … continue reading
