In an effort to standardize mobile security, 20 different companies in collaboration with the Internet of Security Things Alliance (ioXt) worked on adding a new set of security and privacy requirements for mobile apps and VPNs. Google, Amazon, NowSecure, NCC Group, DEKRA, Onware Security, and 7layers are among the companies who helped contribute to the … continue reading
Automating policy enforcement is a key component of ensuring development teams are releasing secure applications in today’s fast-paced, cloud-native world. Many DevSecOps teams are achieving this by utilizing policy as code. According to Tim Hinrichs, co-founder of Styra, policy as code provides a specific file format for policy that is readable by machines, which allows … continue reading
The Eclipse Foundation this week announced that when AdoptOpenJDK transitions to the foundation under its new name: Eclipse Adoptium, it will focus on building a new infrastructure called Eclipse Temurin for building and releasing JDK releases. AdoptOpenJDK is a project that allows Java developers to download OpenJDK binaries. “Our goal is to meet the needs … continue reading
Google has announced it is making its no-code platform AppSheet Automation generally available. The platform was first announced last fall. AppSheet Automation helps companies automate their manual tasks and focus more of their time and effort on high-impact work. Its Intelligent Document Processing feature, for example, allows users to automatically extract unstructured data from documents … continue reading
Automation is becoming increasingly tied to the testing process. According to PractiTest’s recently released State of Testing report, 90% of organizations implement test automation into their processes. Ninety-seven percent of respondents said that functional testing automation was important for success, and 96% said test automation patterns, principles, and practices were also critical. This automation isn’t … continue reading
If you do a Google search for the phrase “observability tools,” it’ll return about 3.3 million results. As observability is the hot thing right now, every vendor is trying to get aboard the observability train. But observability is not as simple as buying a tool; it’s more of a process change — a way of … continue reading
The latest version of the NativeScript framework is now available. NativeScript 8.0 features more streamlining of the core of the framework so that it can serve as a good foundation for future enhancements, as well as the release of a new Best Practices Guide. According to the team, the previous release last Fall, NativeScript 7.0, … continue reading
Bridgecrew has announced the release of Checkov 2.0. Checkov is a static code analysis tool specifically designed for Infrastructure as Code (IaC). “Policies that take into account interdependencies within IaC are critical to understanding the impact of misconfigurations,” said Rob Eden, senior engineer and Checkov contributor. “It’s not enough to know that a security group … continue reading
Microsoft has announced a preview of its build of OpenJDK, which is the open-source distribution for Java. Microsoft’s OpenJDK build includes binaries for Java 11, and the company has also released an early access binary for Java 16 for Windows on ARM. “Java is one of the most important programming languages used today — developers … continue reading
The MIT Internet Policy Research Initiative (IRPI) in collaboration with the Computer Science and Artificial Intelligence Laboratory (CSAIL) have launched a new initiative on data privacy. The MIT Future of Data, Trust, and Privacy initiative aims to bring together MIT research with public policy expertise. “The confluence of powerful data analytics, artificial intelligence, and global … continue reading
Many companies have just surpassed the one-year anniversary of sending their employees home to work remotely as a safety measure for COVID-19. At the time, many thought this might be a temporary situation and folks would return to the office after a month or so, but one year later, many workers haven’t returned to the … continue reading
GitLab has announced that it is open sourcing its fuzz testing engine Protocol Fuzzer Community Edition. According to GitLab, fuzz testing is the process of “inputting unexpected, malformed, and/or random data to measure response or stability of an application or service.” It helps developers discover software bugs that are often missed by typical QA methods … continue reading
