devsecops

devsecops news search results

Developer news items we found relating to devsecops

35 results
Zero-trust-policies-for-software-releases-could-be-key

Zero trust policies for software releases could be key


Thursday, December 8, 2022 by

Today’s integrated DevOps methodology offers businesses the promise of accelerating innovation by providing customers and employees with new application capabilities faster. However, this approach can also increase risks associated with cybercrime and the failure to comply with rapidly evolving privacy regulations. As a result, minimizing security risk during the ...


The-value-of-BizDevSecOps-for-developers

The value of BizDevSecOps for developers


Friday, August 26, 2022 by

Gregg Ostrowski serves as the Executive CTO at AppDynamics, part of Cisco. In this Q&A, he goes in-depth on the value of BizDevSecOps for developers, including how it helps break down silos and build bridges among business, security, developer, and operations teams. Gregg highlights how the framework evolved from DevOps and DevSecOps, as well as why it is ...


Traceable-AI-and-ArmorCode-integration

Traceable AI and ArmorCode integration


Wednesday, August 24, 2022 by

ArmorCode has announced an integration with Traceable AI which will bring its data into the ArmorCode platform and improve Application Security Posture from code to cloud. To move at the speed of business, modern applications are increasingly powered by APIs to deliver functionality. The challenge is that each new API must be secured and as the number of APIs in...


AppSecCon-2022-dates

AppSecCon 2022 dates


Monday, May 9, 2022 by

The Purple Book Community, a community of top security leaders, announced that AppSecCon 2022 will take place May 18-19, 2022. The virtual event is expected to host thousands of leading security professionals from around the world.0 AppSecCon 2022 dates When: May 18-19, 2022 from 9 a.m. to 2 p.m. (PT) each day Where: Virtual Conference, Register Today! Presenta...


DevOps-predictions-for-2022

DevOps predictions for 2022


Wednesday, January 19, 2022 by

Yoav Landman, Co-Founder, and CTO of JFrog created Artifactory after 7 years as a senior consultant with AlphaCSP. He has held several senior technical roles with Attunity, Verve, and Sausage. Yoav holds a Master of Computing degree from RMIT University and a BA in Law (LLB) from Haifa University. Low-Code/No-Code, Metaverse, and DevOps predictions for 2022 Landma...


Cloud-and-Edge-computing-2022-predictions

Cloud and Edge computing 2022 predictions


Monday, January 17, 2022 by

Tobi Knaup is the CEO & Co-Founder at D2iQ, an independent Kubernetes company that 30% of the Fortune 50 companies and the U.S. Department of Defense rely on for their most mission-critical apps. Knaup shares his 2022 predictions about the shifting cloud landscape. The marriage of Cloud and Edge:  While both edge and cloud computing has been the subj...


Compliance-as-code-adoption-in-2022

Compliance as code adoption in 2022


Monday, January 10, 2022 by

Prashanth Nanjundappa is VP of Product Management at Progress. He has spent his entire career of over 20 years in the tech world, managing cross-functional high-performance teams, focused on building and launching enterprise and consumer products globally. In the first 12 years of his career, Prashanth worked as a developer, technical lead, and architect for mobile, ...


App-security-testing-platform-lands-from-Oxeye

App security testing platform lands from Oxeye


Monday, January 3, 2022 by

Oxeye announced the company’s Cloud-Native Application Security Testing Platform (CNAST). The new platform identifies code vulnerabilities, open-source vulnerabilities, and secrets to highlight the most critical issues in the software development lifecycle, delivering clear guidance for fast and accurate remediation. App security testing platform CNAST Accor...


Oxeye-closes-a-$5.3-Million-seed-financing-round

Oxeye closes a $5.3 Million seed financing round


Thursday, November 4, 2021 by

Oxeye announced the closing of a $5.3 Million seed financing round led by MoreVC, a seed-stage venture capital fund in Israel. The latest round includes support from i3 Equity Partners, and other cybersecurity focused investors as the company prepares to protect the world’s most popular Web applications with next-generation cloud-native Application Security Testin...


Software-testing-with-Visual-AI

Software testing with Visual AI


Thursday, September 30, 2021 by

Applitools announced its inclusion in new research published by Enterprise Management Associates (EMA) entitled, "Disrupting the Economics of Software Testing Through AI." According to the report, Visual AI has the highest impact on software testing as compared to other available applications of AI technology in the market today. Software testing with ...


Increase-developer-productivity-with-webhooks-from-CircleCI

Increase developer productivity with webhooks from CircleCI


Thursday, September 2, 2021 by

CircleCI, the continuous integration, and continuous delivery (CI/CD) platform have announced CircleCI webhooks, a feature that provides software engineering teams the ability to build integrations that react to CircleCI job and workflow status notifications. How to increase developer productivity with webhooks from CircleCI Research shows that the performance lev...


SRE-practitioner-certification-announced-by-DevOps-Institute

SRE practitioner certification announced by DevOps Institute


Monday, July 26, 2021 by

DevOps Institute announced its Site Reliability Engineer (SRE) Practitioner certification. This advanced certification helps candidates validate their deeper application of practices, methods, and tools for advancing site reliability engineering practices at their organizations. The SRE Practitioner certification is tailored for anyone focused on large-scale servic...


Compliance-automation-will-take-center-stage-this-year

Compliance automation will take center stage this year


Wednesday, May 26, 2021 by

Compliance automation uses artificial intelligence features and technology to make compliance procedures easier - according to most sources on the web, about the meaning of compliance automation.  Progress Software CEO Yogesh Gupta says with smart companies turning to a compliance-as-code approach to keep infrastructure, apps, and end-user devices secure and com...


DevSecOps-will-go-mainstream-this-year

DevSecOps will go mainstream this year


Tuesday, January 26, 2021 by

Cybercriminals love Shadow Code exploits because hacking a commonly used library or service can place the malicious code on hundreds or thousands of websites. For example, the widely used jQuery JavaScript library has been breached multiple times, leading to digital skimming attacks broadly across the e-commerce sector. Adding jQuery to an application without ...


How-DevOps-will-change-in-2021

How DevOps will change in 2021


Saturday, January 9, 2021 by

DevOps will become much more security-aware. We’ll see greater attention paid to the newly expanded surface area created in the practice of DevOps and how to proactively protect against vulnerabilities in DevOps. How DevOps will change in 2021 and the Impact from it First, IT Ops and DevOps teams will need to reorient their processes to one that unifies...


Low-code-innovation-predictions-for-2021-from-Gigaom

Low code innovation predictions for 2021 from Gigaom


Tuesday, January 5, 2021 by

Distributed architectures drive development. We’re seeing a great deal of interest in microservices, containers, serverless, not just for new-build but also as a way to reface older applications and data. These architectures, which will also be hugely important for Edge and IoT, have an impact on how applications are built, as each distributed service needs to be ...


Political-app-vulnerabilities-raise-concern

Political app vulnerabilities raise concern


Thursday, October 22, 2020 by

With election season upon us, the US population is being inundated by candidate and proposition propaganda from a variety of sources – including television, the US mail, and mobile device apps. As annoying as this flood of information is at times, it’s important to understand that when it comes to these popular apps, and in fact all apps, if certain security...


GitLab-acquires-Peach-Tech-and-Fuzzit

GitLab acquires Peach Tech and Fuzzit


Friday, June 12, 2020 by

GitLab announced it has acquired Peach Tech and Fuzzit. These acquisitions will add fully-mature testing solutions including protocol fuzzing, API fuzzing, DAST API testing, and coverage-guided fuzz testing. This makes GitLab’s DevSecOps offering the first security solution to offer both coverage-guided and behavioral fuzz testing techniques as well as the fi...


Results-from-2020-Quarterly-Mobile-Index-report

Results from 2020 Quarterly Mobile Index report


Tuesday, May 19, 2020 by

PubMatic announced findings from their Q1 2020 Quarterly Mobile Index report, which shows that mobile advertising was much less affected by the coronavirus pandemic when compared to desktop advertising during the first three months of the year. With an accelerated shift to mobile, PubMatic advises publishers to take the current environment as an opportunity to review th...


Fourth-annual-DevSecOps-survey-from-Gitlab

Fourth annual DevSecOps survey from Gitlab


Monday, May 18, 2020 by

GitLab released the results of its fourth annual DevSecOps survey uncovering how roles across software development teams have changed as more teams adopt DevOps. The survey of over 3,650 respondents from 21 countries worldwide found that rising rates of DevOps adoption and implementation of new tools has led to sweeping changes in job functions, tool choices and or...


DevSecOps-7th-annual-Community-Survey-results

DevSecOps 7th annual Community Survey results


Wednesday, April 15, 2020 by

Sonatype published findings from its seventh annual DevSecOps Community Survey, based on responses from 5,045 software engineering professionals. The survey, developed and conducted in partnership with Carnegie Mellon’s Software Engineering Institute, CloudBees, DevOps Institute, DevOps.com, DevSecOps Days, NowSecure, Security Boulevard, Verica, and All Day DevOps...


Improve-DevOps-processes-with-API-catalog

Improve DevOps processes with API catalog


Thursday, March 26, 2020 by

One of the biggest trends in DevOps is the “shift left” approach when it comes to security, so much so that security conferences now host developer days, developer conferences host security days, and the two have melded into DevSecOps. But pragmatically, how do you implement security earlier into your development cycles? According to CloudVector VP of Engine...


Container-runtime-scanning-open-source-software-launched-by-Portshift

Container runtime scanning open source software launched by Portshift


Thursday, March 26, 2020 by

Portshift introduced Kubei Open Source container scanning software. Kubei is a unique open source Kubernetes runtime images scanning solution, presented to invite developer collaboration for the hardening of runtime environments. Kubei identifies which pods were built from vulnerable images or contain newly discovered vulnerabilities, then it couples the Kubernetes info...


Best-Practices-for-Kubernetes-deployments-from-Portshift

Best Practices for Kubernetes deployments from Portshift


Monday, January 27, 2020 by

Portshift presents five security best practices for DevOps and development professionals managing Kubernetes deployments. Integrating these security measures into the CI/CD pipeline will assist organizations in the detection and remediation of security issues earlier in the development process, allowing faster and shorter cycles while assuring safe and secure deployment...


New-DevOps-Institute-program

New DevOps Institute program


Tuesday, August 13, 2019 by

DevOps Institue, a global member-based association for advancing the human elements of DevOps, revealed the introduction of its DevOps Institute Ambassador program. The program invites and acknowledges accomplished volunteers from across the globe who are committed to leading and empowering the DevOps Institute member community with the SKIL Framework to advan...


API-contracts-at-the-heart-of-security-in-42Crunch-release

API contracts at the heart of security in 42Crunch release


Thursday, August 8, 2019 by

42Crunch, the creator of the industry's first API Firewall has released the API security platform with enhanced tools for developers to easily define security in OpenAPI contracts, enabling an agile DevSecOps experience, and providing full visibility into each individual API's security landscape. API security is complex and becomes a bottleneck wh...


Gitlab-12.0-released

Gitlab 12.0 released


Friday, June 28, 2019 by

GitLab is releasing 12.0 to help enterprises transform and accelerate DevOps adoption by bringing developers, operations professionals, and the security team together in the first single application for the entire DevSecOps lifecycle. With the 12.0 release, GitLab is building upon security features recently released - such as security dashboards, auto remediation and se...


Crowdsourced-security-and-bug-bounty-adoption-is-spreading

Crowdsourced security and bug bounty adoption is spreading


Monday, May 20, 2019 by

There continues to be a fundamental imbalance in cybersecurity. Attackers are finding new ways to penetrate cyber defenses as targets proliferate to the cloud, mobile, and connected devices. Defenders need to take a proactive security approach. The evolving threat landscape and the ever-widening security skills gap are giving rise to new approaches such as crowdsourc...


API-security-testing-just-got-easier-with-42Crunch

API security testing just got easier with 42Crunch's new scanner


Thursday, March 21, 2019 by

42Crunch officially released the 42Crunch API Platform, an API security cloud platform to discover vulnerabilities in APIs and protect them from attack. The 42Crunch Platform can protect SaaS, Web, or IoT APIs, as well as microservices. This follows the launch of the free API Contract Security Audit tool at APISecurity.io earlier this month. The tool helps API d...


Kong-Brain-and-Kong-Immunity-launches-powered-by-AI-and-ML

Kong Brain and Kong Immunity launches powered by AI and ML


Thursday, January 17, 2019 by

Kong Inc. has launched Kong Brain and Kong Immunity for its Kong Enterprise API platform. Powered by artificial intelligence (AI) and machine learning, the new, advanced features will help automate the entire API and service development lifecycle from pre-production to post-production to provide organizations with an intelligent, end-to-end API solution. By automating p...


What-does-the-Kubernetes-privilege-escalation-flaw-mean

What does the Kubernetes privilege escalation flaw mean


Tuesday, December 4, 2018 by

Bringing together powerful applications into containerized services that are open source can have their drawbacks, as recently discovered by the RedHat issued a critical Security Advisory and patches for CVE-2018-1002105, a privilege escalation flaw impacting Kubernetes. Sumo Logic CSO, George Gerchow weighs in: "The Kubernetes vulnerability is a huge deal, even...


AI-for-cybersecurity-

AI for cybersecurity


Tuesday, November 27, 2018 by

As organizations struggle to deal with the growing sophistication of hackers and the influx in data breaches, it's becoming clear that AI could be a critical tool for automatically defending applications from cyber attacks - but there are challenges to overcome. Ivan Novikov, the CEO of AI security company Wallarm, offers some insight below on how AI can be utilized...


IAST-supports-AppSec-efficiencies-while-cutting-costs-and-headaches

IAST supports AppSec efficiencies while cutting costs and headaches


Monday, November 26, 2018 by

It’s easy to feel passionate about interactive application security testing (IAST) in the world of application security. You see, IAST makes security testing almost invisible. It’s not something that requires a highly trained team to be brought in to carry out and analyze testing results. It doesn’t hold up other teams or processes from moving forward....


Speeding-up-SaaS-deployments-with-Platform.sh

Speeding up SaaS deployments with Platform.sh


Friday, November 23, 2018 by

Organizations spend an inordinate amount of time and resources developing and maintaining infrastructure, which distracts from what should be their core focus: providing customers with valuable and engaging applications and digital experiences. Platform.sh allows companies to direct their attention towards accomplishing this primary goal by relieving them of the burden ...


New-open-source-cloud-discovery-tool-arrives-from-Twistlock

New open source cloud discovery tool arrives from Twistlock


Thursday, November 15, 2018 by

Twistlock has released a new open source Cloud Discovery tool. Cloud Discovery gives enterprise infrastructure, operations, and security teams the ability to easily understand and quantify the size of their environment, and get a birds' eye view of what cloud native services are running and where. The first release supports Amazon Web Services (AWS), Micro...