Topic: security

Beware of these creatures lurking in your DevSecOps teams

Halloween is upon us, and while much of the world is focused on scary creatures like ghosts, ghouls, or werewolves, DevSecOps teams have a few scary creatures of their own to deal with.  From the Dracula-like developer stuck in a world from centuries ago who is thwarting the creation of secure apps, to the DevOps … continue reading

SD Times news digest: Tasktop Flow Institute launched, Bugsnag announces new user stability analytics, and Enso raises $6 million for app security

The newly launched Tasktop Flow Institute online community for business leaders offers custom courses and content to gain practical knowledge and skills, as well as better understand value stream management and Tasktop Flow Metrics, according to the company.  “Becoming a software innovator means knowing how to measure what matters across your entire software portfolio,” said … continue reading

CodeSentry launched to find security blind spots in third-party code

GrammaTech has announced a new software composition analysis (SCA) product, CodeSentry, that is designed to detect vulnerabilities in application components including binaries, and create a detailed software bill of materials.  According to the company, it identifies blind spots and allows security professionals to measure and manage risk quickly throughout the SDLC.  With the bill of … continue reading

AppSec vs. DevSecOps, and what that means for developers

Traditional application security is different in two key ways from what has come to be known as DevSecOps. First, modern software companies are integrating application security into their DevOps pipelines, so security becomes part of the flow. Second, it’s also about DevOps being built into application security. Patrick Carey, who leads product strategy in the … continue reading

SD Times news digest: npm public roadmap, TIBCO to acquire Information Builders, and HackerOne expands integrations ecosystems

The npm have released a new public roadmap. Developers can use the roadmap to learn more about the features that are being worked on, the stage that they’re in, as well as when they can be expected.  They can also open a discussion and share suggestions for how the products should be improved and discuss … continue reading

SD Times news digest: Altova 2021 focuses on customer requested features, IBM Cloud Pak for Security updated, and .NET 5.0 RC 2

Altova announced Version 2021 of the MissionKit desktop developer tools and server software with new features and improvements. This includes a new XBRL Taxonomy Manager that provides easy, centralized taxonomy installation and management across all XBRL-enabled products, data mapping for SWIFT messages, improvements for editing in JSON Grid View, attaching files to PDF during report … continue reading

SD Times news digest: CData Tableau Connectors, Facebook Hacker Plus bug bounty program, and Visual Studio Code 1.5 released

CData has announced Tableau Connectors, Excel updates and new drivers With the new Tableau Connectors, users can connect Tableau with real-time data from more than 200 popular SaaS applications, ERPs, CRMs, accounting tools and more. CData’s 2020 Excel Add-In update has enhanced performance and speed for bulk data processing and delivers an improved UI with … continue reading

Android Partner Vulnerability Initiative launched to help manage security issues

The Android Security and Privacy Initiative (APVI) was launched to help developers manage security issues specific to Android OEMs.  “The APVI is designed to drive remediation and provide transparency to users about issues we have discovered at Google that affect device models shipped by Android partners,” the Android team wrote in a blog post. The … continue reading

Report: 73% of developers sacrifice security for speed

A majority of developers feel forced to sacrifice security for the speed that today’s development cycles require. A recent report from WhiteSource found 73% of security teams at organizations are forced to cut corners, and the AppSec tools they use are to check the box towards DevSecOps improvements and are not effectively used.  “There are … continue reading

GitHub launches new code scanning capability

GitHub has announced that its code scanning feature is now available. The new code scanning capability scans code as it is created and provides reviews within pull requests and other GitHub experience. This automating of security helps ensure that vulnerabilities never make it to production, the company explained.  Code scanning integrates with GitHub Actions and … continue reading

SD Times news digest: Ruby 3.0 preview 1 release, Cron Triggers for the Cloudflare Workers, and TensorFlow Recommender

The Ruby 3.0 preview 1 introduces new features and performance improvements such as the ‘rbs’ gem, which allows parsing and processing type definitions written in RBS.  Additionally, the preview has a Ractor experimental feature, with which developers can make multiple tractors and run them in parallel.  ‘Thread#scheduler’ is introduced for intercepting blocking operations. This allows … continue reading

Snyk acquires real-time semantic code analysis provider DeepCode

Snyk is looking to bolster its security platform with the acquisition of DeepCode, a provider of real-time semantic code analysis. Through its AI-powered platform, DeepCode is able to assist developers with app quality and security. According to Snyk, the addition of DeepCode will add to its existing open-source security, container security and infrastructure as code … continue reading

HTML Snippets Powered By : XYZScripts.com

Get access to this and other exclusive articles for FREE!

There's no charge and it only takes a few seconds.

Sign up now!