The COVID-19 pandemic has led teams to focus on embracing DevOps technologies such as Kubernetes, ML/AI and cloud computing, and as a result, 84% of developers say they’re releasing code faster than ever before. That was one of the key findings in GitLab’s fifth annual DevSecOps survey, which this February asked 4,300 DevOps team members … continue reading
CodeLogic announced a new automated approach that enables developers to quickly generate a centralized, living map of complex system architectures such as ServiceNow, RedHat and Linux. Developers can then use this to determine how to handle code refactoring and rewrites, and safely explore new features, according to the company. The new solution enables developers to … continue reading
With the acquisition of my company, StackRox, by cloud-native technology vendor Red Hat, it seems like a good time to reflect on the state of cloud-native security. Security in the cloud has been my life for the past five years, and it’s changed very quickly as new cloud-native platforms have taken over the industry. We’ve … continue reading
The University of Minnesota’s Computer Science and Engineering Department security researchers are facing intense scrutiny from the Linux community for intentionally trying to insert bugs into Linux patches. The buggy patches were a part of the research paper On the Feasibility of Stealthily Introducing Vulnerabilities in Open Source Software via Hypocrite Commits. The paper stated: … continue reading
Gremlin has added Automatic Service Discovery to its chaos engineering platform in an effort to help companies improve resilience and reduce downtime by identifying the various services running across distributed systems. “The rise in popularity of microservices necessitate services functioning as first-class citizens. The infrastructure layer is becoming more abstract and engineers are increasingly thinking … continue reading
Teller is an open-source productivity secret manager that aims to help developers with cloud-native apps and multiple cloud providers. The tool was built by developer-first cybersecurity company Spectral as a way to tackle the “last mile problem” of securing sensitive access and preventing data leaks. With Teller, developers never have to leave their terminal to … continue reading
Google has announced the third developer preview of its upcoming 12.0 release. The latest preview includes a new app launch experience, new video and camera capabilities and new permissions for exact alarms that help users save battery. Developers can use new splash screen APIs and resources to manage the splash screen window’s background color, replace … continue reading
Automating policy enforcement is a key component of ensuring development teams are releasing secure applications in today’s fast-paced, cloud-native world. Many DevSecOps teams are achieving this by utilizing policy as code. According to Tim Hinrichs, co-founder of Styra, policy as code provides a specific file format for policy that is readable by machines, which allows … continue reading
The warranty on your car is about to expire. Press 1 to purchase an extension. Someone has stolen your bank information. Click here to change your social security number. Your grandchild has been kidnapped. Send money to help us return the child safely. We get phishing emails like these literally all day long, and now … continue reading
I’ve spent most of my professional life convincing businesses to shift things left — shift-left testing for software, shift-left demand and supply forecasts for supply chains, shift-left analytics to understand future implications earlier than your competition. Hopefully that explains why it seems heretical for me to talk about shift-right testing at all. Will shift-right testing … continue reading
.NET 6 Preview 3 now available. The platform matrix of .NET 6 was significantly expanded as of the new preview with the addition of Android, iOS, Mac and Mac Catalyst for x64 and Apple Silicon and Windows Arm64. The CollectionsMarshal.GetValueRef API was added to make updating struct values in Dictionaries faster and is intended for … continue reading
Mobile games are often broken into so users can access premium content, paid features and obtain in-game currency. This is done by tampering with memory, bypassing payments and touchID screens, and downloading paid apps for free — and can be done on both jailbroken or non-jailbroken devices. In a recent webinar on SD Times, Jan … continue reading
