Topic: compliance

The significance of national watchlist screening

Companies in certain industries – banking, healthcare, and the like – are subject to many different regulations when it comes to things like how they store user data, required communications with customers, and what data can and can’t be collected.  For example, financial companies need to comply with Anti-Money Laundering (AML) and Combating the Financing … continue reading

JFrog Curation identifies high-risk packages and compliance issues

JFrog has announced the introduction of JFrog Curation, an automated DevSecOps solution designed to thoroughly inspect and block contaminated open-source or third-party software packages and their respective dependencies before they enter a company’s software development environment.  JFrog Curation, which is integrated with JFrog Artifactory, uses binary metadata for the identification of high-risk packages with high-severity … continue reading

GitLab announces new AI-powered capabilities

GitLab announced that it has been expanding support for Code Suggestions, has added a new level of visibility with Value Stream Dashboard, and has added a new and improved license compliance scanner along with license approval policies.  The company’s aim behind the improvements is to help fill the skills gap since security engineers are outnumbered … continue reading

Qt launches Qt Insight to provide developers with better customer insights

The new Qt Insight platform provides real customer insights into the usage of applications or devices. The platform reveals how users navigate devices, identifies customer pain points, analyzes performance, and creates concrete, evidence-based development plans to optimize product development and lower running costs by eliminating redundant, unused features based on session activity and metrics such … continue reading

Guest View: How compliance fits into DevOps

As security and privacy grow in importance, regulatory compliance is becoming an increasing priority for most businesses. But let’s just say it: compliance audits are not fun.  That’s especially true when it comes to engineering and development teams, who are tasked with gathering all of the relevant data – in other words, evidence – needed … continue reading

Environment-free computing company Gravitational rebrands as Teleport

Gravitational changed its name to Teleport and released the Teleport Unified Access Plane.  “The decision to formally change our name to Teleport supports the natural evolution that our company has followed from the point it was founded – to create software for engineers that allows them to quickly access any resource anywhere,” said Ev Kontsevoy, … continue reading

IBM releases Code Risk Analyzer to shift security left

IBM has announced the Code Risk Analyzer, a focused effort to bring security and compliance analytics to DevSecOps. The Code Risk Analyzer can be configured to run at the beginning of a developer’s code pipeline and it reviews and analyzes Git repositories for known issues with any open-source code that needs to be managed. It … continue reading

Report: 73% of developers sacrifice security for speed

A majority of developers feel forced to sacrifice security for the speed that today’s development cycles require. A recent report from WhiteSource found 73% of security teams at organizations are forced to cut corners, and the AppSec tools they use are to check the box towards DevSecOps improvements and are not effectively used.  “There are … continue reading

Datadog brings security, performance monitoring together with four product releases

Datadog today is revealing its vision for bringing security and performance monitoring into a single platform in the form of updates and new product features for its cloud infrastructure monitoring platform. At its virtual DASH conference this week, the company announced Error Tracking, Incident Management, Compliance Monitoring and Continuous Profiler, rounding out its platform to … continue reading

Governance, compliance and risk management does not have to be a lengthy, tedious process

Software development may be a faster process thanks to the rise of Agile, DevOps, and continuous delivery, but governance, risk and compliance (GRC) management are slowing things down.  There are many manual and lengthy checks that go into GRC to make sure the software is secure, adheres to laws and regulations, and is on track … continue reading

premium Solving your data problem with customized software

Large legacy enterprises have a data problem. Decades of iterative infrastructure updates via relatively small investments have resulted in information silos scattered across different systems and in different formats. For example, a hospital may have patient records in one location and accounting data in another. All of this data is managed by different teams with … continue reading

ChefConf 2018 focuses on application-centric application release automation

Chef announced a number of new updates designed to bring businesses beyond infrastructure-centric configuration management. The company released Chef Automate 2.0, Chef Application Automation and Chef Compliance Automation at its annual conference ChefConf 2018 in Chicago today. “The race to modernize IT by deploying and managing new and legacy applications in multiple environments is greatly … continue reading

DMCA.com Protection Status