DevSecOps: Baking security into development

Software is the lifeblood of most businesses today. So, what happens if that software is unreliable or insecure? It seems like a no-brainer that the software being pushed out should be protected. But, as software is being developed and deployed at a rapid pace, an important aspect of the life cycle gets lost in the … continue reading

Sonatype’s State of the Software Supply Chain, Motorola and Neurala team up for AI, and The Bitfury Group’s Exonum — SD Times news digest: July 17, 2017

Sonatype released its third annual State of the Software Supply Chain report, which highlights risks within open source software components. The report also highlights the benefits of managing software supply chain hygiene. “Companies are no longer building software applications from scratch, they are manufacturing them as fast as they can using an infinite supply of … continue reading

Eclipse Oxygen, the Android Things Console, and Sonatype acquires Vor Security — SD Times news digest: June 29, 2017

The Eclipse Foundation has announced Eclipse Oxygen is now available. The Oxygen release includes 83 projects, 287 committers, and about 71 million lines of code. “We’re proud to announce the arrival of Eclipse Oxygen, the 12th annual simultaneous release from the Eclipse Community,” the foundation wrote. Most notably missing from this release is support for … continue reading

Sonatype Integrates Nexus Lifecycle with Microsoft Visual Studio

Sonatype, the leader in software supply chain automation, today announced that it has released a new version of Nexus Lifecycle that includes an extension to Microsoft Visual Studio, a popular integrated development environment (IDE). This new Nexus Lifecycle integration empowers millions of Visual Studio developers with direct access to Sonatype’s open source intelligence engine so … continue reading

Report: Organizations embracing DevSecOps automation

The DevOps community is struggling with bringing security into the organization and across the software development life cycle (SDLC). However, new research from Sonatype reveals that while companies continue to face breaches, mature development organizations finally realize how critical it is to weave automated security early in the SDLC. Sonatype, a software automation and security … continue reading

Veracode’s State of Software Security Report, Symphony Software Foundation’s Open Developer Platform, and DevExpress open-sources TestCafe—SD Times news digest: Oct. 18, 2016

Veracode today released its findings from its annual State of Software Security Report, which revealed that the persistent use of components in software development is creating unmanaged risk. The report also found that companies can benefit if they accelerate their application security programs. Veracode found that a single popular component with a critical vulnerability spread … continue reading

The State of the Software Supply Chain report, new functional language Verve, and GE brings Predix to Azure—SD Times news digest: July 11, 2016

Open-source software is being used more than ever, yet practices for sourcing the software are inefficient and vulnerabilities are pervasive, according to a report from supply-chain automation provider Sonatype. The number of open-source component download requests increased to 31 billion in 2015 from 17 billion in 2014, according to the report, which looked at supply … continue reading

Security practices take focus off programmers and onto systems

New approaches to security for enterprise applications focus on everything outside of the programmer that can be secured … continue reading

Sonatype offers insight into enterprise open-source usage

Tool suite helps organizations manage how they bring code into their development … continue reading

Maven Studio for Eclipse gets developers up to speed

Sonatype tool simplifies onboarding by giving developers a way to easily deploy fully configured Eclipse … continue reading

HTML Snippets Powered By : XYZScripts.com