Topic: security

Guest View: How compliance fits into DevOps

As security and privacy grow in importance, regulatory compliance is becoming an increasing priority for most businesses. But let’s just say it: compliance audits are not fun.  That’s especially true when it comes to engineering and development teams, who are tasked with gathering all of the relevant data – in other words, evidence – needed … continue reading

SD Times news digest: LogDNA’s Browser Logger, Rust 1.5.2.0 released, and Google Play to launch new safety section

LogDNA announced a new browser logging capability designed to enable full-stack and front-end developers to ingest frontend log data into LogDNA more efficiently to debug web applications. The new feature automatically captures errors and logs occurring in the user’s browser and allows dev teams to centralize those errors alongside server-side logs, according to the company. … continue reading

Linux Technical Advisory Board releases report on UMN patches

The Linux Technical Advisory Board (TAB) released a new report to show the remediation measures that were undertaken after researchers from the University of Minnesota (UMN) submitted compromised code submissions to the Linux kernel.  UMN previously submitted many big fixes that were merged into kernel releases as part of an, but the breach of trust … continue reading

World Password Day 2021 focuses on the safety of passwords

Google celebrates World Password Day 2021 with hope for a passwordless future

Today is World Password Day 2021, and while companies are touting the best password management practices, Google is hoping someday we won’t have to worry about them at all. According to the company, even the strongest passwords can be compromised.  “You may not realize it, but passwords are the single biggest threat to your online … continue reading

gitlab devops report

Report: DevOps offers faster releases, but security still a pain point

The COVID-19 pandemic has led teams to focus on embracing DevOps technologies such as Kubernetes, ML/AI and cloud computing, and as a result, 84% of developers say they’re releasing code faster than ever before.  That was one of the key findings in GitLab’s fifth annual DevSecOps survey, which this February asked 4,300 DevOps team members … continue reading

SD Times news digest: CodeLogic’s app dependency mapping solution, TPG to acquire Boomi from Dell, and Obviously AI’s seed funding

CodeLogic announced a new automated approach that enables developers to quickly generate a centralized, living map of complex system architectures such as ServiceNow, RedHat and Linux. Developers can then use this to determine how to handle code refactoring and rewrites, and safely explore new features, according to the company.  The new solution enables developers to … continue reading

The evolution and future of cloud-native security

With the acquisition of my company, StackRox, by cloud-native technology vendor Red Hat, it seems like a good time to reflect on the state of cloud-native security.  Security in the cloud has been my life for the past five years, and it’s changed very quickly as new cloud-native platforms have taken over the industry.  We’ve … continue reading

UMN security researchers apologize to the Linux community

The University of Minnesota’s Computer Science and Engineering Department security researchers are facing intense scrutiny from the Linux community for intentionally trying to insert bugs into Linux patches. The buggy patches were a part of the research paper On the Feasibility of Stealthily Introducing Vulnerabilities in Open Source Software via Hypocrite Commits. The paper stated: … continue reading

SD Times news digest: Gremlin Automatic Service Discovery, WhiteHat Attack Surface Management, and Jamf’s same-day Apple OS support

Gremlin has added Automatic Service Discovery to its chaos engineering platform in an effort to help companies improve resilience and reduce downtime by identifying the various services running across distributed systems.  “The rise in popularity of microservices necessitate services functioning as first-class citizens. The infrastructure layer is becoming more abstract and engineers are increasingly thinking … continue reading

Logo for open-source project Teller

SD Times Open-Source Project of the Week: Teller

Teller is an open-source productivity secret manager that aims to help developers with cloud-native apps and multiple cloud providers. The tool was built by developer-first cybersecurity company Spectral as a way to tackle the “last mile problem” of securing sensitive access and preventing data leaks.  With Teller, developers never have to leave their terminal to … continue reading

SD Times news digest: Android 12 Developer Preview 3, ComponentOne 2021 v1, and WhiteSource acquires Diffend

Google has announced the third developer preview of its upcoming 12.0 release. The latest preview includes a new app launch experience, new video and camera capabilities and new permissions for exact alarms that help users save battery. Developers can use new splash screen APIs and resources to manage the splash screen window’s background color, replace … continue reading

Policy as code shifts compliance left

Automating policy enforcement is a key component of ensuring development teams are releasing secure applications in today’s fast-paced, cloud-native world. Many DevSecOps teams are achieving this by utilizing policy as code.  According to Tim Hinrichs, co-founder of Styra, policy as code provides a specific file format for policy that is readable by machines, which allows … continue reading

1 3 4 5 6 7 58
HTML Snippets Powered By : XYZScripts.com

Get access to this and other exclusive articles for FREE!

There's no charge and it only takes a few seconds.

Sign up now!