Chef announced a number of new updates designed to bring businesses beyond infrastructure-centric configuration management. The company released Chef Automate 2.0, Chef Application Automation and Chef Compliance Automation at its annual conference ChefConf 2018 in Chicago today. “The race to modernize IT by deploying and managing new and legacy applications in multiple environments is greatly … continue reading
Curtail Security has announced the release of ReGrade, a new solution designed to detect version differences in the development lifecycle, and prevent high costs associated with late-state discovery of software flaws and configuration errors. According to the company, users will now be able to run their current software against proposed updates and compare the network … continue reading
A group of Apple developers are banding together to form the Developers Union. The union is designed to advocate for sustainability in the App Store, according to the developers. This is a community-driven “non-union union” designed to help improve the App Store by focusing on the issues that matter the most to developers. “Today, we … continue reading
QbitLogic is leveraging the power of artificial intelligence to better protect software systems. The company announced the release of CodeAI, a next generational SaaS platform designed to repair security defects before releasing solutions to the public. The company is known for its work with DARPA to build an “unhackable” drone utilizing artificial intelligence. “Bug repairs … continue reading
The team collaboration tool provider Slack is open sourcing a new tool designed to help developers secure features with high output and low friction. goSDL is a web application tool aimed at providing an entry point for a security development lifecycle (SDL) checklist. “For development teams, process can often be antithetical to speed. Ease of … continue reading
In today’s fast-paced, digital world, cybersecurity attacks occur daily. Businesses are scrambling to protect their assets and consumers fear for the safety of their personal information. Even large enterprises with ample resources and expertise aren’t safe, with LinkedIn, Yahoo, Sony, Target and the IRS all falling victim to malicious hackers. According to recent research, the … continue reading
Google has announced Google Registry’s newest top-level domain (TLD), .app, is now available. The .app TLD was designed for apps and app developers, and features security measures that enable developers to showcase apps to a broad audience. According to the company, having a memorable .app domain name makes it easy for users to find and … continue reading
Npm, Inc. has announced the release of the npm@6 package manager. It will feature powerful new security features, such as automatic warnings when developers try to use open source code with known vulnerabilities, and ‘npm audit,’ which is an npm command that allows developers to analyze complex code and pinpoint specific vulnerabilities. A recent npm … continue reading
IBM is releasing an open-source software library to combat against adversarial attacks in deep neural networks (DNNs). DNNs are machine learning models that are capable of recognizing patterns. Current artificial intelligence techniques like recognizing objects in images, speech-to-text, and video annotation is based on DNNs. According to IBM, while DNNs are usually very accurate, they … continue reading
Open-source libraries reliant on serverless architecture frequently skimp on essential security measures, according to serverless security runtime environment provider PureSec’s Ten Most Critical Security Risks in Serverless Architectures 2018 report. The analysis found critical vulnerabilities or misconfigurations that “could allow attackers to manipulate the application and perform various malicious actions” in 21 percent of 1,000 … continue reading
CA Technologies announced its acquisition of software composition analysis specialists SourceClear early this week with aims to incorporate SourceClear’s SaaS-based SCA tool and proprietary vulnerability database with their Veracode cloud platform. “We are excited about what this acquisition means for our customers in terms of increased support for SCA in DevSecOps environments and the ability … continue reading