Real time security software development from Symbiotic Security
Friday, November 22, 2024 by Richard Harris
Symbiotic Security launched a real-time security for software development that combines detection and remediation with just-in-time training – incorporating security testing and training directly into the development process without breaking developers’ workflows.
Backed with $3 million of seed funding from investors including Lerer Hippeau, Axeleo C...
Future of software development and AI explored in new survey
Tuesday, September 17, 2024 by Russ Scritchfield
As the reach of artificial intelligence (AI) expands, IT leaders are exploring new use cases for technology used throughout the software development lifecycle (SDLC), according to a new survey launched today titled "AI in software development: Exploring opportunities and uncertainties" by OutSystems, a global leader transforming how companies innovate thr...
App security training enhancements by Security Journey
Wednesday, July 19, 2023 by Freeman Lightner
Security Journey announced an acceleration of its secure coding training platform enhancements. Since combining HackEDU and Security Journey training offerings into one Platform, the company has added or refreshed almost 200 lessons and 25 languages, frameworks, and technologies; giving customers even more new training content to improve secure coding knowledge gain of ...
Zero trust policies for software releases could be key
Thursday, December 8, 2022 by Gopinath Rebala
Today’s integrated DevOps methodology offers businesses the promise of accelerating innovation by providing customers and employees with new application capabilities faster. However, this approach can also increase risks associated with cybercrime and the failure to comply with rapidly evolving privacy regulations. As a result, minimizing security risk during the ...
Developer led visibility practices advance at SmartBear
Thursday, September 1, 2022 by Richard Harris
SmartBear, a provider of software development and visibility tools, has hired world-class artificial intelligence (AI) leader Jim Wu as VP of AI and Data Science working in the SmartBear Innovation Labs and product management leader Anthony Bryce as VP of Product Management. Both are supporting the company’s strategy to provide critically-needed visibility for dev...
Offshore software developers risks and advantages
Thursday, October 28, 2021 by Vivien F. Peaden
The onset of COVID-19 has hastened CEOs’ prioritization of digital transformation to future-proof their organizations. This paradigm change is driving the IT outsourcing spend to improve operational agility, integrate new technologies, and achieve cost-savings and faster time-to-market.
Risks and advantages of using offshore software developers
The pandemic ...
Increase developer productivity with webhooks from CircleCI
Thursday, September 2, 2021 by Freeman Lightner
CircleCI, the continuous integration, and continuous delivery (CI/CD) platform have announced CircleCI webhooks, a feature that provides software engineering teams the ability to build integrations that react to CircleCI job and workflow status notifications.
How to increase developer productivity with webhooks from CircleCI
Research shows that the performance lev...
Opsera has announced its Salesforce CD release automation
Monday, June 28, 2021 by Brittany Hainzinger
Opsera announces its native Salesforce CI/CD release automation functionality. This new feature gives Business Application teams the same powerful DevOps platform that software delivery teams use to significantly shorten software delivery cycles, enhance pipeline quality and security, lower operations costs and align software delivery to business outcomes.
Industry s...
Bugsnag acquired by SmartBear
Monday, May 3, 2021 by Brittany Hainzinger
SmartBear announced it has entered into a definitive agreement to acquire application stability management pioneer, Bugsnag.
Bugsnag’s best-in-class, full-stack stability and error monitoring technology is leveraged by industry leaders like Airbnb, Slack, Lyft, and more than 6,000 organizations that prioritize application stability and health in order to ...
Opsera raises $15 Million for continuous orchestration of DevOps
Friday, April 30, 2021 by Brittany Hainzinger
Opsera announced $15 million in Series A funding led by Felicis Ventures. Existing investors Clear Ventures, Trinity Ventures and Firebolt Ventures, and new investor HMG Ventures, also participated. With a total of $19.3 million in funding since it was founded in 2020. Opsera will continue to grow its world-class engineering team, and accelerate its global sales, market...
Improving security posture with static application security testing
Friday, February 12, 2021 by Tim Jarrett
Amid the worldwide pursuit of digital transformation, the software has seen a meteoric rise, and application security has become paramount. As more companies become software-centric, they publish more applications, increasing the risk vulnerable code will be released. To help reduce this risk, static application security testing (SAST) can help dev teams find and fix we...
Error monitoring to drive code ownership in 2021 says Bugsnag
Thursday, January 7, 2021 by Freeman Lightner
The extreme reliance on all things digital as a result of COVID-19 makes application health a key area of focus in 2021. COVID-19 has accelerated the need for a mobile-first strategy, and enterprises are prioritizing the health of their mobile applications to meet customer expectations.
To do so, they are leveraging stability management tools that enable organization...
Applause Platform improves quality assurance platform
Thursday, January 9, 2020 by Richard Harris
Quality assurance (QA) is a rapidly changing field, a result of dev and engineering teams moving faster and releasing more frequently. Applause – the leading crowdtesting provider – is looking to evolve along with QA. The company recently launched Applause Labs, an innovation engine where it hopes to develop new concepts for companies’ QA processes.
...
GitLab Commit 2019 schedule released
Wednesday, August 28, 2019 by Richard Harris
GitLab announced initial programming and speakers for 2019 GitLab Commit Brooklyn, taking place September 17 in Brooklyn, NY.
GitLab Commit, GitLab's inaugural user event, will bring together the GitLab community to connect, learn, and inspire. Speakers will showcase the power of DevOps in action through strategy and technology discussions, lessons learned, behin...
AI driven codeless testing solution drops from Perfecto
Thursday, March 14, 2019 by Richard Harris
Perfecto announced it will release Perfecto Codeless, an AI-driven codeless testing solution that allows teams to automate the process of writing test scripts regardless of skill level. Equipped with machine learning (ML) capabilities, changes to the test script are made agnostically, allowing scripts to continuously run and fix themselves without disrupting operations....
IAST supports AppSec efficiencies while cutting costs and headaches
Monday, November 26, 2018 by Asma Zubair
It’s easy to feel passionate about interactive application security testing (IAST) in the world of application security. You see, IAST makes security testing almost invisible. It’s not something that requires a highly trained team to be brought in to carry out and analyze testing results. It doesn’t hold up other teams or processes from moving forward....
ALM data strategies that mimic the principles of blockchain
Friday, November 2, 2018 by Christopher Pola
All too often, I hear from customers about a very common pain point: they do not have the data to run their business. It’s not that they lack data, but they lack trust in their data. While solving data issues can be a riddle at times, I believe this dilemma is symptomatic of antiquated and/or misappropriated application lifecycle management (ALM) systems requiring...
Why developers run away from security updates
Monday, April 16, 2018 by Richard Harris
Veracode, Inc. has released new data that shines a light on the discrepancy between component security and hygiene. According to the research conducted with Vanson Bourne, only 52 percent of developers using commercial or open source components in their applications update those components when a new security vulnerability is announced. This highlights organizations’ la...
Enterprises need a software security program
Tuesday, January 30, 2018 by Sammy Migues
The answer to the “why” enterprises need a software security program question is pretty straightforward. There are no circumstances under which any but the smallest firms can expect a collection of independent activities - a pen test here, an hour of training there, some free tools that may or may not work as advertised - will consistently result in appropriately secure...
Continuous testing challenges for dev teams in 2018
Friday, January 12, 2018 by Eran Kinsbruner
Today’s world revolves around digital technologies. For example, consider how much time you spend on your cell phone in a single day. According to analytics firm Flurry, it’s more than five hours. From making calls to utilizing things like social media. banking and healthcare apps, there’s an app for just about everything. But what if the apps that help run our lives su...
Software testing using Artificial Intelligence
Tuesday, January 2, 2018 by Richard Harris
As the complexity of software continues to increase and release delivery cycles shorten, software testers need to provide quality feedback to developers nearly instantaneously. In this age of continuous testing, companies are adopting a new mantra: Test smarter, not harder. There’s simply no other choice, given the torrential pace of new software launches. Today, ...
Veracode announced two new key integrations
Friday, August 11, 2017 by Austin Harris
Veracode, a software security company acquired by CA Technologies, has announced the Veracode HPE Application Lifecycle Manager (ALM) Flaw Synchronizer Plug-in, which empowers development and QA/release engineers to fix security vulnerabilities early in the Software Development Lifecycle (SDLC). The company also announced an enhanced integration to the Veracode Applicat...
A DevOps framework for federal customers
Wednesday, May 17, 2017 by Austin Harris
Last Thursday, President Trump signed an executive order designed to strengthen the cybersecurity of federal networks including moving all federal IT systems to the cloud. The executive order also calls for effective risk management, which includes requiring planning so that maintenance, improvements and modernization occur in a coordinated way and with appropriate regu...
Improve mobile app security by turning it into code
Monday, May 8, 2017 by Jeff Williams
Why is application security such a pain? One of the hard problems with application security is that there are a zillion different ways that things can go wrong. Far more than any one person can be expert in. It's unfair to think that a software developer, who is already supposed to be expert in all the latest software languages, frameworks and best practices, should als...
WhiteSource Bolt detects vulnerable open source components
Thursday, March 30, 2017 by Richard Harris
WhiteSource, a continuous open source security and compliance management company, has announced the launch of a new open source management tool integrated within the Microsoft Visual Studio Team Services (VSTS) and Team Foundation Server (TFS) platforms - the WhiteSource Bolt (Bolt).Bolt is fully immersed within the VSTS and TFS products, so users can detect vulnerable ...
The biggest delays in digital transformation initiatives
Tuesday, March 14, 2017 by Richard Harris
We recently caught up with Robert Reeves, co-founder and CTO of Datical, a provider of database release automation solutions, on the findings of a recent survey - conducted by IDG and commissioned by Datical - that reveal the biggest delays in digital transformation initiatives. ADM: When on the road to digital transformation, what causes the biggest speed bumps?Reeves:...
How to integrate business priorities into the DevOps process
Wednesday, March 8, 2017 by Anaud Ganpaul
The business case for enterprise mobile applications is in crisis. Enterprises increased their spend on mobile application development to more than 10% of their overall budgets in 2016, yet fewer than 1% of mobile apps are successful, according to research firm, Gartner.To address this disturbing trend, enterprises are re-envisioning their mobile application development...
Sean Carron tells us about Team Smiles and HappinessasaService
Monday, December 12, 2016 by Richard Harris
Happiness-as-a-Service is an application that allows kids awaiting a transplant, or those who received a transplant, to request a wish, and then connects them with benefactors who can fund their wishes. It enables users to nominate a critically ill child, see a child’s wish in their local community, and donate - among other features. The users can create &ld...
New VS plugin from Checkmarx lets DevOps teams to rapidly embed security
Wednesday, November 16, 2016 by Austin Harris
Checkmarx just announced a new Checkmarx plugin for the Microsoft Visual Studio Team Services platform. The new Checkmarx (CxSAST) Microsoft Visual Studio Team Services Plugin allows organizations with agile development practices to embed security into their software development lifecycle (SDLC) without the delays traditionally caused by application security t...
HPE Study identifies significant barriers with integrating security and DevOps
Tuesday, October 25, 2016 by Richard Harris
The HPE Application Security and DevOps Report just released, which discusses in depth where organizations are at in their implementation of DevOps, and how application security fits within this new model. While there is a perception that security and DevOps go hand-in-hand, there are significant gaps between the opportunity of incorporating security as a natural part o...
Hewlett Packard Enterprise Introduces New Application Security Solutions
Monday, September 19, 2016 by Richard Harris
Hewlett Packard Enterprise (HPE) has introduced the HPE Fortify Ecosystem and Fortify on Demand (FoD) continuous application monitoring service. The online marketplace and service are designed to help organizations create secure applications by naturally integrating security testing processes and resources throughout the fast-paced software development lifecycle (SDLC)....
Checkmarx Tells Us Why App Developers Should Care About App Security
Thursday, August 18, 2016 by Richard Harris
We recently had a conversation with Emmanuel Benzaquen at Checkmarx to talk about how they are able to scrutinize code with a fine-toothed comb and find vulnerabilities early and why other developers need to be doing the same. With clients such as Coca-Cola, SAP, and Salesforce, they seem to be carving out a niche for application security in the crowded tech-s...
Orasi Software and Saltworks Security Form New Application Security Venture
Monday, June 6, 2016 by Richard Harris
Orasi Software and Saltworks Security have announced an agreement to form a new cooperative venture, where Orasi will contribute quality-focused solution sales, support, consulting and training services that leverage Saltworks application security services. The resulting collaboration will offer an all-inclusive security offering of planning, deployment, training and on...
A Few TIPPs for Mobile Testing Environments
Tuesday, June 16, 2015 by Yoram Mizrachi
Many organizations we work with are struggling to see value from their efforts in mobile development, and I’ve noticed a trend that the main issue seems to be that their software development lifecycle does not run as smoothly as they would like. When the SDLC is not running well, it sets the product up for bugs and missed deadlines. Often times the tools used...
Contrast Security Release New Enterprise Application Security Platform
Tuesday, June 9, 2015 by Stuart Parkerson
Contrast Security has release Contrast Enterprise, a new application security product to integrate defenses across development and operations, offering vulnerability assessment, security visibility and attack protection throughout the application lifecycle. Contrast Enterprise offers Runtime Application Self-Protection (RASP), which provides deep security instrumen...