Topic: security
SD Times news digest: Electron JS 11.0 released, CodeBot UX is available to early access users, and Build.security emerges from stealth
The new version of Electron JS includes upgrades to Chromium 87, V8, 8.7, and Node.js 12.18.3 as well as support for Apple silicon and general improvements. Other improvements include an added V8 crash message and location information to crashReport parameters and improved performance for sending wide objects over the context bridge. Additional details on all … continue reading
Environment-free computing company Gravitational rebrands as Teleport
Gravitational changed its name to Teleport and released the Teleport Unified Access Plane. “The decision to formally change our name to Teleport supports the natural evolution that our company has followed from the point it was founded – to create software for engineers that allows them to quickly access any resource anywhere,” said Ev Kontsevoy, … continue reading
Exadel announced the release of CompreFace, an open-source facial recognition application
Exadel, a global provider of digital software engineering solutions and services, announced the release of CompreFace, an open-source facial recognition application. CompreFace can be integrated as a standalone service or deployed via the cloud. It’s convenient API offers state-of-the-art facial recognition. To get started with Compreface, visit: (https://github.com/exadel-inc/CompreFace#overview) “Facial recognition technology is being rapidly adopted across … continue reading
SD Times news digest: WhiteSource announces Merge Confidence, Yellowbrick Data 5 released with new price/performance capabilities, Mac BigSur now available
Merge Confidence is a new automated solution that helps developers safely update and remediate their open source dependencies by using a badge to show how likely an open source component can be updated without breaking the build. “Open source components are updated at such a staggering rate, it is impossible to manage this process manually. … continue reading
SD Times news digest: Android Platform to migrate build systems to Bazel, Databricks launches SQL Analytics, and Secure Code Warrior Missions
Android announced that it would migrate all of its current build systems to Bazel. While components of Bazel have been already checked into the Android Open Source Project (AOSP) source tree, this will be a phased migration over the next few Android releases and will include many concrete and digestible milestones to make the transformation … continue reading
SD Times news digest: WhiteSource launches new vulnerability-based alerts, Rocket Software’s free UniObjects for Python, and Let’s Encrypt warns about compatibility
WhiteSource announced new vulnerability-based alerts designed to speed up and simplify the vulnerability management process. It will provide developers with flexibility when managing alerts as well as providing a more granular view of the issues, according to the company. “The number of known security vulnerabilities has been rising exponentially over the past few years, and … continue reading
SD Times news digest: Apple to require developers to enter app privacy information in App Store Connect, Android’s mobile driving license, and Visual Studio Code 1.51
Apple announced that later this year users will be able to learn about some of the data types that certain apps collect, and whether that data is linked to them or used to track them. Starting on December 8th, developers will be required to summit this information when they add new apps and app updates … continue reading
SD Times news digest: TypeScript 4.1 RC released, Adobe security updates, and LDRA integrates with collaborative developer tool Yocto
TypeScript 4.1 RC was released with new features, new checking flags, editor productivity updates, and speed improvements. The new string literal types in TypeScript allow users to model functions and APIs that expect a set of specific strings. It has the same syntax as template literal strings in JavaScript, but is used in type positions. … continue reading
Guest View: Use static analysis to secure open source
Sonatype’s 2020 State of the Software Supply Chain Report found that next generation cyber-attacks actively targeting open-source soft- ware projects increased 430% over the past 12 months. Industry and the Open Source communities recognize heightened security risks and are working to solve these. For example, in August 2020 the Linux Foundation launched the Open Source … continue reading
IBM releases Code Risk Analyzer to shift security left
IBM has announced the Code Risk Analyzer, a focused effort to bring security and compliance analytics to DevSecOps. The Code Risk Analyzer can be configured to run at the beginning of a developer’s code pipeline and it reviews and analyzes Git repositories for known issues with any open-source code that needs to be managed. It … continue reading
Beware of these creatures lurking in your DevSecOps teams
Halloween is upon us, and while much of the world is focused on scary creatures like ghosts, ghouls, or werewolves, DevSecOps teams have a few scary creatures of their own to deal with. From the Dracula-like developer stuck in a world from centuries ago who is thwarting the creation of secure apps, to the DevOps … continue reading
SD Times news digest: Tasktop Flow Institute launched, Bugsnag announces new user stability analytics, and Enso raises $6 million for app security
The newly launched Tasktop Flow Institute online community for business leaders offers custom courses and content to gain practical knowledge and skills, as well as better understand value stream management and Tasktop Flow Metrics, according to the company. “Becoming a software innovator means knowing how to measure what matters across your entire software portfolio,” said … continue reading
