SBOM mandate to improve cybersecurity in the US
Friday, March 17, 2023 by Freeman Lightner
The number of cyberattacks waged against government sectors worldwide increased by 95% in the second half of 2022 compared to the same time period in 2021. (1) The global cost of cyberattacks is expected to grow exponentially from $8.44 trillion in 2022 to $23.84 trillion by 2027. (2) To support the nation’s critical infrastructure and Federal Government networks,...
Decentralized wallets suggested after Solana hack
Wednesday, August 17, 2022 by Freeman Lightner
The recent hack on the Solana cryptocurrency wallet has led to a drain of millions of dollars, which raised concerns about the security of the crypto ecosystem. Against this backdrop, the volume of discussions around 'Solana' among Twitter influencers surged in the first week of August as most of them commended the use of decentralized or open source w...
DevOps predictions for 2022
Wednesday, January 19, 2022 by Richard Harris
Yoav Landman, Co-Founder, and CTO of JFrog created Artifactory after 7 years as a senior consultant with AlphaCSP. He has held several senior technical roles with Attunity, Verve, and Sausage. Yoav holds a Master of Computing degree from RMIT University and a BA in Law (LLB) from Haifa University.
Low-Code/No-Code, Metaverse, and DevOps predictions for 2022
Sonatype implements Applitools to ensure app quality
Friday, March 12, 2021 by Brittany Hainzinger
Sonatype was in search of a solution to prevent visual bugs across the variety of operating systems and browsers supported by the Nexus platform.
After implementing Applitools, the engineering team can solely focus on delivering value, while Applitools uncovers countless unexpected changes before code ever leaves development.
Moving forward, Sonatype will deploy a...
OverOps Platform helps DevOps find misbehaving code with ML
Thursday, August 2, 2018 by Christian Hargrave
Machine learning meets bug detection with the announcement that OverOps made about the release of their new platform. DevOps teams will soon be armed with net new machine data to effectively evaluate the reliability of software they promote and implement a culture of accountability within their organizations, says OverOps with the release of their platform. At its core,...
Sonatype expands firewall to stop dev vulnerabilities
Friday, March 9, 2018 by Christian Hargrave
Sonatype has announced that the Nexus Firewall is now available to support the more than 10 million developers currently using the open source version of Nexus Repository. Previously only available to commercial users of Nexus Repository Pro, the newest version of Nexus Firewall gives all Nexus Repo users the ability to automatically stop vulnerable open source componen...
Flexera issues warning about Cyberattacks
Tuesday, October 24, 2017 by Christian Hargrave
As 143 million Equifax consumers continue to pick up the pieces from stolen Social Security numbers, birth dates, drivers’ licenses, addresses and credit card numbers, Flexera has another warning - expect a long tail of incidents and breaches in the months and years to come. Flexera surveyed over 400 software suppliers, Internet of Things (IoT) manufacturers and in-house...
Docker for the Enterprise launched with a Certification Program
Friday, March 3, 2017 by Richard Harris
Docker has announced their Enterprise Edition (EE), a new commercial platform for enterprise development and IT ops teams that build, run, and operate business-critical applications in production at scale across the software supply chain. Comprised of a container runtime, with integrated and multi-tenant orchestration, security and management in addition to an ecosystem...
Friday, January 13, 2017 by Matt Howard
Docker predicts much opportunity for anyone with CaaS expertise in 2017
Monday, December 19, 2016 by Richard Harris
Rising confidence in container security, to the point that developers consider containers more secure than alternative technologies, will drive an increase in the use of CaaS, displacing legacy PaaS approaches to application development and deployment. This requirement for integrated security at every phase of the software supply chain will rise to the surface in the up...
Why software is no longer being written from scratch
Tuesday, November 1, 2016 by Richard Harris
Application developers are increasingly reliant on open source component parts because pre-fabricated components speed up innovation and save developers the time (and money) of having to write code from scratch. But with 6.1% of component downloads containing a known security vulnerability it’s inevitable that defective parts will make their way into production – especia...
Synopsys Makes Updates to its Seeker Runtime Security Analysis Tool
Monday, August 8, 2016 by Richard Harris
Synopsys has released the latest version of its Seeker runtime security analysis solution. Seeker analyzes web application code and data flows at runtime using a technique known as Interactive Application Security Testing (IAST), which detects and confirms exploitable security vulnerabilities and provides insight that allows developers to address their root causes. T...