Improving cloud security practices for DevOps teams
Thursday, August 26, 2021 by Richard Harris
Technology integration allows customers to securely leverage existing keys, secrets, tokens, and certificates into declarative CI/CD pipelines and ease the management of HashiCorp Vault infrastructure and security practices.
Opsera and HashiCorp partner with plans on improving cloud security practices for DevOps teams
Opsera, the Continuous Orchestration platform ...
Vanta launches Automated ISO 27001 Certification and HIPAA Compliance
Tuesday, July 13, 2021 by Brittany Hainzinger
Vanta announced public availability for two new certification standards that help secure the internet and protect consumer data. Vanta provides automated compliance audits and continuous security monitoring through a robust SaaS platform, enabling companies to achieve industry standardization in weeks instead of months.
The rise of data leaks and privacy concerns hav...
ABBYY updates machine learning library
Tuesday, June 22, 2021 by Brittany Hainzinger
ABBYY announced a major update for NeoML, its cross-platform open-source machine learning library that allows developers to build, train and deploy machine learning models. The update adds support of the Python programming language, the most popular language for machine learning and AI. The framework also offers 5-10x speed improvements as well as 20+ new ML method...
LinearB secures $16 million in Series A funding
Thursday, March 11, 2021 by Brittany Hainzinger
LinearB announced $16 million in Series A funding to fundamentally change the way dev teams operate. The new investment was led by Battery Ventures, and includes existing investors 83North and Ariel Maislos, and new investor TechAviv Founder Partners. The investment brings LinearB’s total funding to $21 million.
Launched in 2019, LinearB offers a new approach t...
Improving security posture with static application security testing
Friday, February 12, 2021 by Tim Jarrett
Amid the worldwide pursuit of digital transformation, the software has seen a meteoric rise, and application security has become paramount. As more companies become software-centric, they publish more applications, increasing the risk vulnerable code will be released. To help reduce this risk, static application security testing (SAST) can help dev teams find and fix we...
API sprawl security concern predictions of 2021 from Volterra
Wednesday, January 6, 2021 by Freeman Lightner
As organizations continue to digitally transform business processes, they are increasingly transitioning from legacy applications to modern, cloud-native apps.
These intricate modern apps feature far more APIs than their predecessors including API sprawl.
Since these apps are built with extensive microservices, many of these APIs are deeply embedded and hidden. Th...
Software Delivery Management Is the Key to CI CD and DevOps Success
Friday, October 16, 2020 by Freeman Lightner
Continuous integration (CI), continuous delivery (CD) and DevOps have the power to drive digital transformation, changing the way we work and innovate with faster delivery speeds, greater feature responsiveness and increased team productivity. But how do you measure the success of CI/CD and DevOps?
You need the data on your software delivery processes — q...
Beta support for Kubernetes announced by Druva Inc.
Wednesday, September 23, 2020 by Brittany Hainzinger
Druva, Inc. announced beta support for Kubernetes workloads which delivers complete application protection that is accessible by all teams, including the central IT team and DevOps. Offered through Druva Cloud Platform, users can quickly recover, migrate, or clone Kubernetes workloads, alongside existing data center, and cloud workloads from a unified interface. Combini...
Being careful about 3rd party APIs
Monday, August 24, 2020 by Ameya Talwalkar
Over the past couple of years, we’ve seen a marked shift in the nature of API traffic from being largely driven by human actions to be increasingly machine-driven. While it used to take a human to click something on a website to trigger an API call and response, there are now sites and apps where upwards of 98% of total traffic is the result of bots -- some legiti...
New version of Terrascan from Accurics
Thursday, August 20, 2020 by Brittany Hainzinger
Accurics unveiled a major upgrade to Terrascan, the open source static code analyzer that enables developers to build secure infrastructure as code (IaC). The new release ensures Terraform templates avoid common security pitfalls in popular cloud providers such as AWS, Azure, and Google Cloud Platform. Built-in extensibility will enable support for other popular technol...
Collibra integrates data governance on the Google Cloud Platform
Wednesday, August 12, 2020 by Freeman Lightner
Collibra, the Data Intelligence company, has further expanded its partnership with Google Cloud, offering Collibra as a managed service on the Google Cloud Platform (GCP). Jim Cushman, Collibra’s chief product officer, and Evren Eryurek, director of product management for Google Cloud, shared news of the integrated offering in a presentation this week at ...
4 barriers to AI Adoption
Tuesday, July 21, 2020 by Richard Harris
Some of the largest companies in the world are either already implementing, or are strategically planning for AI. And a recent study from Tractica found that global AI software revenue is expected to grow from $10.1 billion in 2018 to $126 billion by 2025.
But even with adoption by large companies, many businesses seem to be weary of jumping into AI - even when they ...
webMethods AppMesh announced by Software AG
Friday, April 17, 2020 by Brittany Hainzinger
Software AG unveiled webMethods AppMesh, a configurable control plane for microservices, APIs and service mesh. Built as an extension of Software AG’s industry-leading webMethods API Management Platform, webMethods AppMesh adds application context to service mesh, which provides better agility, management, and governance of microservices as business apps.
DevSecOps 7th annual Community Survey results
Wednesday, April 15, 2020 by Brittany Hainzinger
Sonatype published findings from its seventh annual DevSecOps Community Survey, based on responses from 5,045 software engineering professionals. The survey, developed and conducted in partnership with Carnegie Mellon’s Software Engineering Institute, CloudBees, DevOps Institute, DevOps.com, DevSecOps Days, NowSecure, Security Boulevard, Verica, and All Day DevOps...
Container runtime scanning open source software launched by Portshift
Thursday, March 26, 2020 by Brittany Hainzinger
Portshift introduced Kubei Open Source container scanning software. Kubei is a unique open source Kubernetes runtime images scanning solution, presented to invite developer collaboration for the hardening of runtime environments. Kubei identifies which pods were built from vulnerable images or contain newly discovered vulnerabilities, then it couples the Kubernetes info...
Why multi-cloud and edge deployments are hard
Monday, March 9, 2020 by Brittany Hainzinger
Volterra announced the results of a new global survey of more than 400 IT executives showing that organizations face major infrastructure and security challenges in supporting multi-cloud and edge deployments. Conducted by Propeller Insights, the survey reveals that multi-cloud deployments are being driven primarily by a need to maximize availability and reliability fo...
Data Privacy Day 2020 is here
Tuesday, January 28, 2020 by Richard Harris
Data Privacy Day is here, and with the recent implementation of the California Consumer Privacy Act, the timing could not be better to discuss the importance of taking steps to protect sensitive data while also keeping personal data private and secure.
Similar to GDPR, CCPA will have a profound impact on data privacy and protection, making this year’s Data Priv...
Best Practices for Kubernetes deployments from Portshift
Monday, January 27, 2020 by Richard Harris
Portshift presents five security best practices for DevOps and development professionals managing Kubernetes deployments. Integrating these security measures into the CI/CD pipeline will assist organizations in the detection and remediation of security issues earlier in the development process, allowing faster and shorter cycles while assuring safe and secure deployment...
API Manager 3 from WSO2 released
Monday, November 18, 2019 by Richard Harris
APIs are the essential building blocks of digital businesses—assembling data, events and services from within the organization, throughout ecosystems, and across devices. This is driving new demands for organizations to create and monetize APIs and API products; maximize adoption and reuse across internal and external portals and API marketplaces; and ensure API s...
Kubernetes platform from Red Hat gets updated
Tuesday, October 22, 2019 by Freeman Lightner
Red Hat Inc., has announced Red Hat OpenShift 4.2, the latest version of Red Hat's trusted enterprise Kubernetes platform designed to deliver a more powerful developer experience. Red Hat OpenShift 4.2 extends Red Hat's commitment to simplifying and automating enterprise-grade services across the hybrid cloud while empowering developers to innovate and...
The rise of microservices with Anypoint Service Mesh
Wednesday, October 16, 2019 by Freeman Lightner
MuleSoft has announced Anypoint Service Mesh, a new solution that dramatically simplifies how companies can discover, manage and secure microservices. Anypoint Service Mesh brings security and reliability to any microservices-based application, regardless of language or deployment model, freeing developers from custom code. Customers can also now publish and discov...
Code platform Pulumi 1.0 released
Monday, September 9, 2019 by Freeman Lightner
Pulumi Corporation announced the general availability of version 1.0 of its modern Infrastructure as Code platform. Pulumi 1.0 introduces new capabilities designed to help developer and operations teams overcome organizational silos and achieve best-in-class levels of productivity, reliability, and security on any cloud using familiar programming languages and open-sour...
Zeroday vulnerability announced byMcAfee at Defcon
Monday, August 19, 2019 by Richard Harris
At DEFCON, McAfee has announced the discovery of a zero-day vulnerability in a commonly used Delta industrial control system.
The vulnerability found in the Delta enteliBUS Manager could allow malicious actors complete control of the operating system, enabling remote manipulation of access control systems, boiler rooms, temperature control for critical systems and mo...
IBM and Tata join governing council
Tuesday, August 13, 2019 by Brittany Hainzinger
Hedera Hashgraph, an enterprise-ready distributed ledger platform, revealed that IBM and Tata Communications have joined the Hedera Governing Council. The Council, which will comprise up to 39 multinational entities from a diverse array of industries, was designed to ensure decentralized and responsible governance for a next-generation Distributed Le...
One click microsegmentation platform from Edgewise
Thursday, June 20, 2019 by Brittany Hainzinger
Edgewise Networks launched its new platform that radically simplifies the creation and management of zero trust environments with one-click microsegmentation. In seconds, companies can stop internal network attacks that have bypassed perimeter defenses. The benefits include a significantly reduced network attack surface, operational efficiency for policy creation and ma...
Finding website risk levels and reputations gets easier for IT admins
Monday, May 13, 2019 by Richard Harris
NetMotion Software announced NetMotion Reputation, a subscription service that identifies the risk profile and usage categories of hundreds of millions of web domains. Reputation allows IT teams to get visibility into user behavior, including a better understanding of access to risky or inappropriate cloud applications and websites. Customers can also block access if an...
API security testing just got easier with 42Crunch's new scanner
Thursday, March 21, 2019 by Richard Harris
42Crunch officially released the 42Crunch API Platform, an API security cloud platform to discover vulnerabilities in APIs and protect them from attack. The 42Crunch Platform can protect SaaS, Web, or IoT APIs, as well as microservices.
This follows the launch of the free API Contract Security Audit tool at APISecurity.io earlier this month. The tool helps API d...
Software engineer happiness matters
Tuesday, February 19, 2019 by Bart Copeland
In the never-ending quest for greater developer productivity, security and compliance usually seem like monkey wrenches in the machinery. These aspects of development are essential, but they can slow down the flow of work and frustrate developers.
Security and compliance dog the whole software development process, from the too-often-forgotten build engineering team, ...
American AI Initiative launches
Wednesday, February 13, 2019 by Christian Hargrave
The Center for Data Innovation has welcomed the White House executive order launching the American AI Initiative. The Center issued the following statement from its director, Daniel Castro.
Ensuring American leadership in artificial intelligence is critical for U.S. competitiveness. Accelerating the development and adoption of AI holds the potential to increase produ...
Why app analytics tools can get your app removed
Friday, February 8, 2019 by Richard Harris
Apple has recently started to crack down on developers that aren’t disclosing how they are capturing analytics from their users, as reported by Techcrunch and a few other sources. Analytics that includes everything from taps and swipes, to what screens users are on, length of time inside apps, and more. Some embedded SDK's developer use even record user sessio...
Job skills developers need to stay competitive in 2019
Monday, February 4, 2019 by Christian Hargrave
Software development is one of the fastest-growing professions as businesses across all industries transform into tech companies. With over 475,000 open computing jobs in the U.S. alone, businesses are facing steep competition for the technical talent they need. HackerRank released its annual 2019 Developer Skills Report, surveying over 71,000 software developers from m...
Kong Brain and Kong Immunity launches powered by AI and ML
Thursday, January 17, 2019 by Christian Hargrave
Kong Inc. has launched Kong Brain and Kong Immunity for its Kong Enterprise API platform. Powered by artificial intelligence (AI) and machine learning, the new, advanced features will help automate the entire API and service development lifecycle from pre-production to post-production to provide organizations with an intelligent, end-to-end API solution. By automating p...
Pulse Secure launches new vADC Community Edition
Wednesday, January 16, 2019 by Christian Hargrave
Pulse Secure announced the launch of a new Community Edition of its powerful software-based virtual Application Delivery Controller (vADC) to help application developers create innovative application solutions with dramatically lower costs and time to market.
Pulse vADC Community Edition integrates easily with common DevOps tools for automated provisioning and orches...
Developing video games that work for everyone
Monday, January 14, 2019 by Matias Nicolas Rodriguez
Video games are interactive experiences – as the player, you can live many different lives racing fast cars, fighting great creatures and going on exciting, magical adventures. For as long as video games companies have existed, the focus has been largely on games that are fun to play.
Of course, though, we’ve all had to sit out a round and wait for a free...
UN commission sets cyber security regulations for Europe
Wednesday, January 9, 2019 by Christian Hargrave
The United Nations Economic Commission for Europe (UNECE) has confirmed it will integrate the widely used ISA/IEC 62443 series of standards into its forthcoming Common Regulatory Framework on Cybersecurity (CRF). The CRF will serve as an official UN policy position statement for Europe.
At its recent annual meeting in Geneva, UNECE’s Working Party on Regulatory...