CodeSec offers greater code scanning scope for developers

Contrast Security’s free new CodeSec tool was built to help developers secure code quicker without disrupting their workflows, as code scanning is becoming a bigger responsibility for dev teams. Developers are often forced to choose between antiquated enterprise tools that often lack UI functionality and don’t integrate with their workflow, or new developer-centric tools that …

SD Times Open-Source Project of the Week: Milvus

Milvus is an open-source vector database that is capable of managing large quantities of both structured and unstructured data to accelerate the development of next-generation data fabric.  According to Zilliz, the database company that created the project, Milvus is built for scalable similarity search used by enterprises spanning several industries. It also works with distributed …

Report: 93% of IT leaders struggle with application modernization

Cloud consulting company, Asperitas, has revealed the results of its survey on enterprise application modernization. The report showed that despite widespread agreement that there is value in application modernization, several enterprise IT executives are still struggling with the process. The survey looked at 150 IT leaders who have been involved with some sort of application …

The future of working in the Metaverse

Facebook’s transition into Meta and the teases that followed about the Metaverse have resulted in many questions that are still yet to be answered. While the buzz around virtual and augmented reality technology continues to grow, the potential of the Metaverse is seemingly endless.  Just as computers and the internet did all those years ago, …

Latest News

New CI/CD configuration policies added to Checkov

Checkov, the open-source tool for finding infrastructure misconfigurations, has been updated with new CI/CD configuration policies. These policies can be applied across popular CI/CD frameworks like GitHub Actions, GitLab Runners, BitBucket Pipelines, CircleCI, and Argo.  Checkov has a developer-first approach to supply chain security, so it embeds these CI/CD policies directly into existing DevOps workflows …

Report: Companies are slow to make transition to SAP S/4HANA

Only a small portion of SAP users have finished making the transition to SAP S/4HANA, which is a version of SAP based on the HANA database, introduced in 2015. According to LeanIX, SAP S/4HANA redefines ERP systems and is the most notable SAP update since 1992 with the introduction of SAP R/3.  Twelve percent of …

Automated testing still lags

Automated testing initiatives still lag behind in many organizations as increasingly complex testing environments are met with a lack of skilled personnel to set up tests.  Recent research conducted by Forrester and commissioned by Keysight found that while only 11% of respondents had fully automated testing, 84% percent of respondents said that the majority of …

Harness releases Security Testing Orchestration

Harness Security Testing Orchestration (STO) was launched today to help businesses deliver value quicker by increasing velocity and security in deployments. The tool automates security scanning and governance in the software delivery process. Although DevSecOps gets rid of many late-stage security concerns, it also forces developers to balance quality and speed at which to deliver …

The biggest challenges facing developer managers today

The software development industry is one that is rapidly shifting and evolving. With new technological advancements coming onto the market everyday, managers of development teams need to be adaptable in their management style as well as persistent in overcoming roadblocks. As a manager, dealing with and overcoming challenges is inevitable. The real question is: which …

Opsera introduces GitCustodian to protect source code repositories

The team at Opsera, the Continuous Orchestration platform for DevOps, today announced the release of Opsera GitCustodian. This new solution is intended to alert security and DevOps teams of vulnerable data found in source code repositories so that they can prevent vulnerabilities from making it to production. GitCustodian also works to automate the remediation process …

Solving the issues with current documentation practices

When working on a development team, transparency and knowledge sharing are essential in order to keep track of changes in the code and limit vulnerabilities. This is why creating proper documentation should be considered a top priority for all developers. It is also why the consequences of missing or inadequate documentation can impede application updates …

Asking developers to do security is a risk in itself without training

As the pace and complexity of software development increases, organizations are looking for ways to improve the performance and effectiveness of their application security testing, including “shifting left” by integrating security testing directly into developer tools and workflows. This makes a lot of sense, because defects, including security defects, can often be addressed faster and …

Service virtualization: A continuous life cycle technology

Service virtualization has helped countless organizations perform tests on application components that live outside their development organizations, or that are not available to the tester when needed to complete their tests. Virtualization enables organizations to put up a virtual service more easily than they can “yank a box on an Amazon server,” explained Shamim Ahmed, …

A guide to Agile tools

The following is a listing of Agile tool providers, along with a brief description of their offerings.  ValueOps by Broadcom Software delivers on the promise of value stream management (VSM) as the first to combine business and investment-oriented product management with advanced, operationally-focused agile planning and management capabilities. The integration of Broadcom’s proven Clarity and …

Latest Webinars

Threat Landscapes: An Upstream and Downstream Moving Target

LIVE! September 8th, 2022 @ 1:00PM ET | 10:00AM PT Hackers are becoming increasingly sophisticated and calculated in the ways in which they deliver attacks upstream in the software supply chain. There are growing numbers of organized attackers whose sole focus is exploiting vulnerabilities in open source ecosystems, frequently by making their malware appear legitimate. …

SD Times Live! microwebinar series – Value Stream Management

NEXT TOPIC LIVE STREAMING August 16, 2022 @ 1PM ET | 10AM PT Topic 6 of 6 – “How Automating with VSM Unifies Disparate Teams” We as an industry cannot afford to ignore the dangers of siloed software delivery. The cost of a siloed workforce is staggering, resulting in project delays, declining software quality, and …

Write a year’s worth of code in 8 hours: Accelerate your Java pipeline with AI-assisted coding

AVAILABLE NOW Modern development strategies employ different tactics to deliver code more quickly, from agile planning to cross-functional teams to ‘shift left’. Unit testing has an important role to play, accelerating cycle times by detecting regressions at the earliest possible stage. Since testing remains a significant bottleneck in most CI pipelines, the gains can be …

Modernize Your Pipelines with Best Practices Built-In

AVAILABLE NOW Declarative pipelines provide a more modern, opinionated approach to pipeline creation and management. But what are they really? What benefit do they bring to your CI/CD processes? Our three expert panelists discussed: What declarative pipelines are and how they are used Where they are most useful Best practices around creating declarative pipelines in …

Introducing Contrast’s New Free Developer Security Tool – CodeSec!

AVAILABLE NOW As the need for code to be deployed faster grows every year. Code scanning has become a great part of the developer role. As such, Dev teams need a simple-to-integrate security tool that allows them to secure code quickly and accurately without disrupting their workflow. That is why Contrast is proud to introduce …

Protecting your Spring Boot applications from recent critical vulnerabilities

AVAILABLE NOW Spring Boot is a common framework for building Spring-based applications. But all frameworks have their risks, and Spring Boot is no exception. Recently, zero day vulnerabilities in the Spring Framework and Spring Boot have created increased demand for security for Spring Boot. For example, Spring Boot was recently impacted by the SpringShell vulnerability …

Learning Center

  • Webinars

    Threat Landscapes: An Upstream and Downstream Moving Target

    LIVE! September 8th, 2022 @ 1:00PM ET | 10:00AM PT Hackers are becoming increasingly sophisticated and calculated in the ways in which they deliver attacks upstream in the software supply chain. There are growing numbers of organized attackers whose sole focus is exploiting vulnerabilities in open source ecosystems, frequently by making their malware appear legitimate. …

  • Webinars

    SD Times Live! microwebinar series – Value Stream Management

    NEXT TOPIC LIVE STREAMING August 16, 2022 @ 1PM ET | 10AM PT Topic 6 of 6 – “How Automating with VSM Unifies Disparate Teams” We as an industry cannot afford to ignore the dangers of siloed software delivery. The cost of a siloed workforce is staggering, resulting in project delays, declining software quality, and …

  • White Papers

    2022 CI/CD Solutions Guide

    In the past, the CI/CD pipelines were simply a place to integrate code. Developers would write their code in GitHub, pass it through the pipeline, and then deploy it. However, with the emergence of shift left security and newer automation practices, the pipeline has become a much more critical piece of the software delivery lifecycle. …

  • White Papers

    Guide: The secure code training blueprint

    Defining a plan to improve developer security maturity is no easy task when you still have compliance requirements and release deadlines to meet. But it is a worthy one that will pay dividends in improved productivity and reduced risk. In this guide, we explore the lessons learned from three real-life Secure Code Warrior customers so …

  • Webinars

    Write a year’s worth of code in 8 hours: Accelerate your Java pipeline with AI-assisted coding

    AVAILABLE NOW Modern development strategies employ different tactics to deliver code more quickly, from agile planning to cross-functional teams to ‘shift left’. Unit testing has an important role to play, accelerating cycle times by detecting regressions at the earliest possible stage. Since testing remains a significant bottleneck in most CI pipelines, the gains can be …

  • Webinars

    Modernize Your Pipelines with Best Practices Built-In

    AVAILABLE NOW Declarative pipelines provide a more modern, opinionated approach to pipeline creation and management. But what are they really? What benefit do they bring to your CI/CD processes? Our three expert panelists discussed: What declarative pipelines are and how they are used Where they are most useful Best practices around creating declarative pipelines in …

SD Times Newswire

HTML Snippets Powered By : XYZScripts.com

Get access to this and other exclusive articles for FREE!

There's no charge and it only takes a few seconds.

Sign up now!