When Jeff Williams, co-founder and CTO of Contrast Security, created the OWASP Top Ten list, first published in 2003, he was proud of the work done; but now more than a decade later, Williams expresses disappointment in the unchanged list. RELATED CONTENT: For effective DevSecOps, shift left AND extend right “My thought at the time … continue reading
Contrast Software Contrast Assess produces accurate results without dependence on application security experts, using deep security instrumentation to analyze code in real time from within the application. It scales because it instruments application security into each application, delivering vulnerability assessment across an entire application portfolio. Contrast Assess integrates seamlessly into the software lifecycle and into … continue reading
Jeff Williams, co-founder and CTO, Contrast Security: Contrast is an integration platform for application security. We use an instrumentation-based approach, so we work from inside the running application layer. From there, we support the entire software life cycle with three things. The first thing is, we help identify vulnerabilities. Typically you want them to be … continue reading
DevSecOps has come to be known by many as the shifting left of security, making it a key part of software development while code is being written, as opposed to trying to put security onto the application after it’s completed. This follows the trends of DevOps, which moved operational considerations for applications into development, as … continue reading
Many Americans seem resigned to not having control over their data profiles on the Internet. As larger and more sophisticated data breaches are reported in growing numbers, and companies such as Facebook and Google engage in mysterious data activities, technology users are left not knowing who’s got their data, or what they’re going to do … continue reading
Project management software provider ZenHub today is introducing Workspaces into its platform, enabling teams to view work items in the way that best suits them. Workspaces “evolves the ‘one-view-fits-all’ of project management,” said ZenHub co-founder Aaron Upright. “We recognize teams have different ways of working.” New board functionality built into the platform enables GitHub repositories … continue reading
Red Hat this week announced a rearchitected OpenShift at its Summit conference, with version 4 bringing a cloud-like experience. The company said it will be generally available next month. The release also includes Operator Hub, which makes the concept of operators a first-class citizen in the platform update, according to Brian Micklea, who runs the … continue reading
Red Hat and Microsoft announced at the conference that Azure Red Hat OpenShift — a joint Kubernetes solution running in the Microsoft Azure public cloud. The partnership will allow IT organizations to use Red Hat OpenShift Container Platform on-premises and to bring Azure services to those workloads. The service is backed by Red Hat’s expertise … continue reading
Organizations that really want to make Agile processes work realize they have to make an investment in people. That was among the findings of the 13th State of Agile Report, produced by Collabnet VersionOne and released today. The top three responses to the question of what has been most valuable in helping organizations scale Agile … continue reading
Red Hat this morning announced the release of Red Hat Enterprise Linux 8, which the company said has been redesigned for the hybrid and multcloud era. In its announcement at the company’s annual Summit, Red Hat cited an IDC report showing that a large majority of respondents already deploy multicloud environments, and that 64 percent … continue reading
I find that I’m writing an awful lot about process these days, and I have figured out why. It’s because, if your company is like one of my old ones, your processes are awful. It’s not that all the processes themselves are awful, though some are truly poorly thought-out. A big part of the process … continue reading
Docker today announced the establishment of a foundation to foster education about modern technology in underserved communities. Announced today at DockerCon in San Francisco, Docker Foundation is a non-profit created, according to the company, to “support organizations that align with its mission of enabling a more diverse generation of developers to build our future through … continue reading
