Improving security posture with static application security testing
Friday, February 12, 2021 by Tim Jarrett
Amid the worldwide pursuit of digital transformation, the software has seen a meteoric rise, and application security has become paramount. As more companies become software-centric, they publish more applications, increasing the risk vulnerable code will be released. To help reduce this risk, static application security testing (SAST) can help dev teams find and fix we...
Error monitoring to drive code ownership in 2021 says Bugsnag
Thursday, January 7, 2021 by Freeman Lightner
The extreme reliance on all things digital as a result of COVID-19 makes application health a key area of focus in 2021. COVID-19 has accelerated the need for a mobile-first strategy, and enterprises are prioritizing the health of their mobile applications to meet customer expectations.
To do so, they are leveraging stability management tools that enable organization...
Applause Platform improves quality assurance platform
Thursday, January 9, 2020 by Richard Harris
Quality assurance (QA) is a rapidly changing field, a result of dev and engineering teams moving faster and releasing more frequently. Applause – the leading crowdtesting provider – is looking to evolve along with QA. The company recently launched Applause Labs, an innovation engine where it hopes to develop new concepts for companies’ QA processes.
...
GitLab Commit 2019 schedule released
Wednesday, August 28, 2019 by Richard Harris
GitLab announced initial programming and speakers for 2019 GitLab Commit Brooklyn, taking place September 17 in Brooklyn, NY.
GitLab Commit, GitLab's inaugural user event, will bring together the GitLab community to connect, learn, and inspire. Speakers will showcase the power of DevOps in action through strategy and technology discussions, lessons learned, behin...
AI driven codeless testing solution drops from Perfecto
Thursday, March 14, 2019 by Richard Harris
Perfecto announced it will release Perfecto Codeless, an AI-driven codeless testing solution that allows teams to automate the process of writing test scripts regardless of skill level. Equipped with machine learning (ML) capabilities, changes to the test script are made agnostically, allowing scripts to continuously run and fix themselves without disrupting operations....
IAST supports AppSec efficiencies while cutting costs and headaches
Monday, November 26, 2018 by Asma Zubair
It’s easy to feel passionate about interactive application security testing (IAST) in the world of application security. You see, IAST makes security testing almost invisible. It’s not something that requires a highly trained team to be brought in to carry out and analyze testing results. It doesn’t hold up other teams or processes from moving forward....
ALM data strategies that mimic the principles of blockchain
Friday, November 2, 2018 by Christopher Pola
All too often, I hear from customers about a very common pain point: they do not have the data to run their business. It’s not that they lack data, but they lack trust in their data. While solving data issues can be a riddle at times, I believe this dilemma is symptomatic of antiquated and/or misappropriated application lifecycle management (ALM) systems requiring...
Why developers run away from security updates
Monday, April 16, 2018 by Richard Harris
Veracode, Inc. has released new data that shines a light on the discrepancy between component security and hygiene. According to the research conducted with Vanson Bourne, only 52 percent of developers using commercial or open source components in their applications update those components when a new security vulnerability is announced. This highlights organizations’ la...
Enterprises need a software security program
Tuesday, January 30, 2018 by Sammy Migues
The answer to the “why” enterprises need a software security program question is pretty straightforward. There are no circumstances under which any but the smallest firms can expect a collection of independent activities - a pen test here, an hour of training there, some free tools that may or may not work as advertised - will consistently result in appropriately secure...
Continuous testing challenges for dev teams in 2018
Friday, January 12, 2018 by Eran Kinsbruner
Today’s world revolves around digital technologies. For example, consider how much time you spend on your cell phone in a single day. According to analytics firm Flurry, it’s more than five hours. From making calls to utilizing things like social media. banking and healthcare apps, there’s an app for just about everything. But what if the apps that help run our lives su...
Software testing using Artificial Intelligence
Tuesday, January 2, 2018 by Richard Harris
As the complexity of software continues to increase and release delivery cycles shorten, software testers need to provide quality feedback to developers nearly instantaneously. In this age of continuous testing, companies are adopting a new mantra: Test smarter, not harder. There’s simply no other choice, given the torrential pace of new software launches. Today, ...
Veracode announced two new key integrations
Friday, August 11, 2017 by Christian Hargrave
Veracode, a software security company acquired by CA Technologies, has announced the Veracode HPE Application Lifecycle Manager (ALM) Flaw Synchronizer Plug-in, which empowers development and QA/release engineers to fix security vulnerabilities early in the Software Development Lifecycle (SDLC). The company also announced an enhanced integration to the Veracode Applicat...
A DevOps framework for federal customers
Wednesday, May 17, 2017 by Christian Hargrave
Last Thursday, President Trump signed an executive order designed to strengthen the cybersecurity of federal networks including moving all federal IT systems to the cloud. The executive order also calls for effective risk management, which includes requiring planning so that maintenance, improvements and modernization occur in a coordinated way and with appropriate regu...
Improve mobile app security by turning it into code
Monday, May 8, 2017 by Jeff Williams
Why is application security such a pain? One of the hard problems with application security is that there are a zillion different ways that things can go wrong. Far more than any one person can be expert in. It's unfair to think that a software developer, who is already supposed to be expert in all the latest software languages, frameworks and best practices, should als...
WhiteSource Bolt detects vulnerable open source components
Thursday, March 30, 2017 by Richard Harris
WhiteSource, a continuous open source security and compliance management company, has announced the launch of a new open source management tool integrated within the Microsoft Visual Studio Team Services (VSTS) and Team Foundation Server (TFS) platforms - the WhiteSource Bolt (Bolt).Bolt is fully immersed within the VSTS and TFS products, so users can detect vulnerable ...
The biggest delays in digital transformation initiatives
Tuesday, March 14, 2017 by Richard Harris
We recently caught up with Robert Reeves, co-founder and CTO of Datical, a provider of database release automation solutions, on the findings of a recent survey - conducted by IDG and commissioned by Datical - that reveal the biggest delays in digital transformation initiatives. ADM: When on the road to digital transformation, what causes the biggest speed bumps?Reeves:...
How to integrate business priorities into the DevOps process
Wednesday, March 8, 2017 by Anaud Ganpaul
The business case for enterprise mobile applications is in crisis. Enterprises increased their spend on mobile application development to more than 10% of their overall budgets in 2016, yet fewer than 1% of mobile apps are successful, according to research firm, Gartner.To address this disturbing trend, enterprises are re-envisioning their mobile application development...
Sean Carron tells us about Team Smiles and HappinessasaService
Monday, December 12, 2016 by Richard Harris
Happiness-as-a-Service is an application that allows kids awaiting a transplant, or those who received a transplant, to request a wish, and then connects them with benefactors who can fund their wishes. It enables users to nominate a critically ill child, see a child’s wish in their local community, and donate - among other features. The users can create &ld...
New VS plugin from Checkmarx lets DevOps teams to rapidly embed security
Wednesday, November 16, 2016 by Christian Hargrave
Checkmarx just announced a new Checkmarx plugin for the Microsoft Visual Studio Team Services platform. The new Checkmarx (CxSAST) Microsoft Visual Studio Team Services Plugin allows organizations with agile development practices to embed security into their software development lifecycle (SDLC) without the delays traditionally caused by application security t...
HPE Study identifies significant barriers with integrating security and DevOps
Tuesday, October 25, 2016 by Richard Harris
The HPE Application Security and DevOps Report just released, which discusses in depth where organizations are at in their implementation of DevOps, and how application security fits within this new model. While there is a perception that security and DevOps go hand-in-hand, there are significant gaps between the opportunity of incorporating security as a natural part o...
Hewlett Packard Enterprise Introduces New Application Security Solutions
Monday, September 19, 2016 by Richard Harris
Hewlett Packard Enterprise (HPE) has introduced the HPE Fortify Ecosystem and Fortify on Demand (FoD) continuous application monitoring service. The online marketplace and service are designed to help organizations create secure applications by naturally integrating security testing processes and resources throughout the fast-paced software development lifecycle (SDLC)....
Checkmarx Tells Us Why App Developers Should Care About App Security
Thursday, August 18, 2016 by Richard Harris
We recently had a conversation with Emmanuel Benzaquen at Checkmarx to talk about how they are able to scrutinize code with a fine-toothed comb and find vulnerabilities early and why other developers need to be doing the same. With clients such as Coca-Cola, SAP, and Salesforce, they seem to be carving out a niche for application security in the crowded tech-s...
Orasi Software and Saltworks Security Form New Application Security Venture
Monday, June 6, 2016 by Richard Harris
Orasi Software and Saltworks Security have announced an agreement to form a new cooperative venture, where Orasi will contribute quality-focused solution sales, support, consulting and training services that leverage Saltworks application security services. The resulting collaboration will offer an all-inclusive security offering of planning, deployment, training and on...
A Few TIPPs for Mobile Testing Environments
Tuesday, June 16, 2015 by Yoram Mizrachi
Many organizations we work with are struggling to see value from their efforts in mobile development, and I’ve noticed a trend that the main issue seems to be that their software development lifecycle does not run as smoothly as they would like. When the SDLC is not running well, it sets the product up for bugs and missed deadlines. Often times the tools used...
Contrast Security Release New Enterprise Application Security Platform
Tuesday, June 9, 2015 by Stuart Parkerson
Contrast Security has release Contrast Enterprise, a new application security product to integrate defenses across development and operations, offering vulnerability assessment, security visibility and attack protection throughout the application lifecycle. Contrast Enterprise offers Runtime Application Self-Protection (RASP), which provides deep security instrumen...
Skytap Releases iOS App to Manage the Software Development Life Cycle
Wednesday, April 1, 2015 by Stuart Parkerson
Skytap, a provider of on-demand Environments-as-a-Service (EaaS), has released the Skytap Mobile Admin App for iOS, which allows users of the Skytap platform to manage cloud-based dev/test, training and demo environments.Skytap provides its EaaS platform to manage the Software Development Life Cycle (SDLC) and help customers deliver better software. Skytap is used to ma...
Why App Development Requires Continuous Quality
Friday, January 16, 2015 by Carlo Cadet
Mobile apps have drastically changed the way users interact with brands. Unfortunately, with the rapid pace of innovation, businesses are struggling to meet user expectations. As organizations approach these challenges, it’s the solutions which have proven to be elusive. In order to ensure application quality in the modern age of mobile, a new approach is required. ...
An Introduction to Performance Testing in a Continuous Delivery Environment
Monday, December 1, 2014 by Caleb Billingsley
Increasingly for all applications, but especially for mobile apps, performance is king. We have entered an era of near-zero user tolerance for poor or slow performing applications. Complicating matters, applications are becoming increasingly complex, and most rely upon multiple third-party components and services. In many cases, these services are interdependent upon on...
What are the Most Sought After Coding Skills for Developers
Wednesday, May 28, 2014 by Richard Harris
Dice.com, a tech job site, suggests that employers want software developers who’re experts in well-established technologies such as Java, .NET, C++, and HTML. Researched from hiring manager postings looking for developers on the Dice site from January 1 – April 15, the most sought-after skills and qualifications are provided in this top 40 list:1. Java/J2EE2. ...
Parasoft API Testing Enhances Automation for Mobile API Testing
Tuesday, March 11, 2014 by Stuart Parkerson
Parasoft has released the latest edition of its API testing solution which introduces enhanced support for testing RESTful APIs for mobile transactions.The latest release of Parasoft's enterprise-grade API Testing solution addresses the ongoing shift from XML/SOAP to JSON/REST focusing on ensuring that rich regression suites for JSON can be more rapidly constr...
Orasi to Host Two Free Webinars in February for Enterprise App Developers
Wednesday, January 29, 2014 by Richard Harris
Orasi has announced two free webinars in February to help enterprises better understand how to leverage their ALM tools for their SAP environment and to increase testing efficiencies. Leveraging Your ALM Tools for Your SAP Environment – Feb 5Overview - Functional testing is a key piece of any SAP implementation and a piece that is often omitted due to time and...
Orasi Hosts Free Webinars in November – “Test Data Management (TDM) Strategies” and “App Lifecycle Intelligence”
Friday, November 1, 2013 by Stuart Parkerson
Orasi will host two webinars in November to help developers improve their efficiency.
On November 5, Orasi will host the webinar “Gain A Competitive Advantage with Test Data Management” and on November 20 will present the webinar “Using HP Application Lifecycle Intelligence to Gain Insight & Improve Collaboration.” Did you know that developers and testers...
WSO2 Launches App Factory Self Service Enterprise DevOps Platform
Tuesday, July 16, 2013 by Richard Harris
WSO2 has introduced App Factory, a multi-tenant, elastic and self-service Enterprise DevOps platform, which allows multiple development groups to collaboratively create, run and manage enterprise applications.
The new product offers a application lifecycle management system offering Platform-as-a-Service (PaaS) capabilities.
Developers can utilize App Factory to c...