OpenSSF announced the Alpha-Omega Project to improve the security posture of open-source software by working together with software security experts. Microsoft and Google are supporting the project, which aims to improve global OSS supply chain security by working with project maintainers to systematically look for new, as-yet-undiscovered vulnerabilities in open source code with a $5 … continue reading
Contrast Security has announced that it is entering into a partnership with GitHub. With this comes the availability of Contrast Security’s suite of GitHub Actions that simplifies the process for developers to deliver code with no security vulnerabilities. Contrast’s GitHub Actions include four features that work to embed security into existing value streams. These actions … continue reading
Despite recent events, like the discovery of the Log4j vulnerability late last year, that have highlighted the need for companies to have insight into what open source components they are utilizing, and what versions, fewer than half of companies have a software bill of materials (SBOMs) in place. This is according to a report by … continue reading
Codefresh launched the Codefresh Software Delivery Platform (CSDP), which brings the Argo toolset, including Workflows, Events, CD, and Rollouts, into a single platform. Argo is an open-source project that Codefresh maintains that offers tools for running workflows and managing clusters in Kubernetes. “Enterprise-class tooling for Argo – built on GitOps best practices – enables faster … continue reading
Security company ShiftLeft today announced the new release of its ShiftLeft CORE platform with the Velocity Update that has new features for identifying and addressing potential vulnerabilities earlier in the software development life cycle. New features and capabilities include the ability to perform code analysis for Kotlin apps for mobile development, which is an early-stage … continue reading
Idera, parent company of global B2B software productivity brands, recently announced that it has acquired Yellowfin, the embedded data analytics and business intelligence platform for augmented business users and developers. With this, Yellowfin joins apilayer, Embarcadero, Filestack, Froala, FusionCharts, LANSA, Sencha, UltraEdit, and Whole Tomato as a part of Idera’s Developer Tools Business. Yellowfin brings … continue reading
The team at JSON Schema recently unveiled that JSON Schema is the newest technical project hosted under the OpenJS Foundation. JSON Schema is a vocabulary that allows for the annotation and validation of JSON documents. Additionally, JSON Schema defines how a JSON should be structured and provides users with human and machine readable documentation. “We … continue reading
Several countries have successfully implemented major data privacy and protection regulations over the past decade. The EU’s General Data Protection Regulation (GDPR) drastically changed how companies managed data, not just for their customers in the EU, but worldwide. Then came the California Consumer Privacy Act (CCPA), which had a similar cascading effect when companies decided … continue reading
In honor of Data Privacy Day, today Google shared updates on its effort to create free tools geared towards helping the developer community build and launch new applications for differential privacy. In partnership with OpenMinded, an organization of open-source developers, Google achieved a new milestone with its differential privacy framework. This product enables any Python … continue reading
Even in a society so heavily reliant on the internet, millions of people remain ignorant of who has access to their personal information on the web–and what can be done with that information. This year, the National Cybersecurity Alliance (NCSA) has expanded its annual Data Privacy Day into Data Privacy Week. The event runs from … continue reading
Elyra is a set of AI-centric extensions to JupyterLab Notebooks that includes features like an AI pipelines visual editor; the ability to run a notebook, Python, or R script as a batch job; reusable code snippets, and more. To create pipelines using the Visual Pipeline Editor, users need to open the JupyterLab Launcher and select … continue reading
DevOps Institute, a professional member association and certification authority for advancing the human elements of DevOps, just announced the availability of its new Continuing Education Program. The program works to provide certified members with the skills, knowledge, and learning needed in order to remain relevant, optimize rising trends, and meet professional goals. This program benefits … continue reading
Weaveworks acquired the policy-as-code startup Magalix to secure Kubernetes applications by integrating the solution into Weave GitOps. “Enterprise customers have made it clear that trusted application delivery is critical to the success of their increasingly complex cloud native platforms,” said Alexis Richardson, the CEO of Weaveworks. “With the acquisition of Magalix, Weaveworks introduces customizable policies, … continue reading
The Android development team has announced that the latest version of its IDE, Android Studio, is now available. Android Studio Bumblebee 2021.1.1, which is the codename for the release, improves functionality for building and deploying, profiling and inspection, and design. One new feature for building and deploying is the new Device Manager, which makes it … continue reading
