The Free Software Foundation (FSF) announced plans to launch a public code hosting and collaboration platform (“forge“) this year. Members of the FSF tech team are currently reviewing ethical web-based software that will help teams work on their projects, with features like merge requests, bug tracking, and other common tools. “Infrastructure is very important for … continue reading
Claris launched Claris Connect, a workflow automation platform designed for the real-world challenges of SMBs. “The right path to being cloud-first is to be cloud smart,” said Brad Freitag, CEO of Claris. “That means giving problem solvers all the power of the cloud – sharing, rapid deployment, scalability – without losing connection to the real … continue reading
Programmers err as much as any of us — between 15 and 50 errors per 1,000 lines of code to be more exact. QA tests for these bugs, attempting to ensure that releases are as bug-free as possible. Customers who trust their operations to software won’t tolerate poorly written code, and teams go out of … continue reading
In today’s era of digital transformation, every organization must focus on application security. However, focusing on security vulnerabilities alone is unwise because it’s nearly impossible to prioritize what needs to be done. “DevOps teams are sitting in front of a table with the keys to the kingdom on their computers,” said Jake King, co-founder and … continue reading
DevSecOps isn’t just a practice, it’s a continuous learning experience. If you want to be successful faster, avoid these common misconceptions. #1: Business as usual is good enough Cybercriminals are constantly changing their tactics. If your organization’s application security practices are static, they aren’t as robust as they should be. RELATED CONTENT: How to get … continue reading
Large legacy enterprises have a data problem. Decades of iterative infrastructure updates via relatively small investments have resulted in information silos scattered across different systems and in different formats. For example, a hospital may have patient records in one location and accounting data in another. All of this data is managed by different teams with … continue reading
In order to improve cybersecurity efforts, new tools are being released this week at the RSA Conference in San Francisco. The conference brings together top cybersecurity professionals and business leaders to discuss emerging trends and formulate the best strategies for tackling current and future threats. The new tools include solutions that speed up security testing, … continue reading
The Open Cybersecurity Alliance (OCA) announced the availability of OpenDXL Ontology, its open-source language for connecting cybersecurity tools through a common messaging framework. “With open source code freely available to the security community, OpenDXL Ontology enables any tool to automatically gain the ability to communicate and interoperate with all other technologies using this language,” the … continue reading
Microsoft has announced the general availability of its cybersecurity solution. Microsoft Threat Protection (MTP) is designed to provide security checks across users, emails, applications, and endpoints. The solution alerts users and takes action using AI so that security professionals can automatically detect, investigate, and stop coordinated multi-point attacks, Microsoft explained In addition, it weeds out … continue reading
The Linux Foundation is addressing structural and security complexities in today’s modern software supply chains with the release of the ‘Vulnerabilities in the Core,’ a preliminary report and census II of open-source software. The report was put together by the Linux Foundation’s Core Infrastructure Initiative and the Laboratory for Innovation Science at Harvard (LISH). RELATED … continue reading
Facebook’s proposal to the EU to tone down what the company called “intrusive regulations,” was rejected. European commissioner for the internal market Thierry Breton said that it was up to Facebook to adopt Europe’s standards, and not the other way around. The proposal came in the form of a whitepaper, which argued to ensure accountability … continue reading
Synopsys announced that it will release a major update to the Polaris Software Integrity Platform to extend its static application security testing (SAST) and software composition analysis (SCA) capabilities through the native integration of the Code Sight plugin. The new update will allow developers to find and fix security weaknesses in both proprietary code and … continue reading
