Web3 adoption driven by Cronos Labs and Protocol Labs
Tuesday, July 18, 2023 by Brittany Hainzinger
Cronos Labs announced a partnership with Protocol Labs, the open-source research and development laboratory that builds protocols, tools, and services to radically improve the internet. As part of the collaboration, Protocol Labs will provide startups within Cronos’ Accelerator Program with the resources needed to develop innovative Web3 applications within t...
PCI DSS JavaScript compliance tool free from Jscrambler
Thursday, June 29, 2023 by Brittany Hainzinger
Jscrambler announced the launch and immediate availability of its free PCI DSS JavaScript Compliance Tool to ensure granular and flexible capacity to meet the stringent new requirements introduced by version 4.0 of the Payment Card Industry Data Security Standards (PCI DSS v4.0). This free assessment tool provides organizations of all sizes with clarity and si...
SQL server modernization solution from SUSE and DH2i
Friday, June 23, 2023 by Freeman Lightner
DH2i is partnering with SUSE to offer the simplest route to Microsoft SQL Server container modernization. By combining DH2i's DxEnterprise Smart High Availability Clustering software with Rancher by SUSE, organizations can seamlessly migrate both physical and virtual SQL Server databases to availability groups in Kubernetes within minutes. This collaboration em...
Developers invited to Epson US Innovation Challenge
Wednesday, June 21, 2023 by Richard Harris
Offering an attractive ecosystem of over tens of millions of printers and scanners sold across more than 150 countries, Epson announced it will be hosting its second U.S.-based "Epson Innovation Challenge," offering developers a unique opportunity to partner with a trusted brand with global reach. Held in San Francisco, San Jose and remotely from July 12-...
Red Hat OpenStack and DevSecOps updates
Thursday, June 15, 2023 by Richard Harris
DSO National Laboratories (DSO), Singapore’s national defense research and development (R&D) organization, and open source leader Red Hat, has announced a collaboration to develop new DevSecOps capabilities. The joint work between Red Hat and DSO shows the value of collaboration to facilitate knowledge exchange in Singapore’s defense R&D efforts.
...
Red Hat Summit 2023 event lineup
Tuesday, May 23, 2023 by Freeman Lightner
Red Hat Summit 2023 is underway and below you will find information on event activities and the latest product news announcements, from generative AI to automation and DevSecOps.
Tuesday, May 23:
9 am EDT - Keynote: Innovation doesn’t rely on your IT budget
Hosted by Red Hat leaders alongside:
Tom Gilbert, Head of Cloud and Middleware,...
Zero trust policies for software releases could be key
Thursday, December 8, 2022 by Gopinath Rebala
Today’s integrated DevOps methodology offers businesses the promise of accelerating innovation by providing customers and employees with new application capabilities faster. However, this approach can also increase risks associated with cybercrime and the failure to comply with rapidly evolving privacy regulations. As a result, minimizing security risk during the ...
The value of BizDevSecOps for developers
Friday, August 26, 2022 by Richard Harris
Gregg Ostrowski serves as the Executive CTO at AppDynamics, part of Cisco. In this Q&A, he goes in-depth on the value of BizDevSecOps for developers, including how it helps break down silos and build bridges among business, security, developer, and operations teams. Gregg highlights how the framework evolved from DevOps and DevSecOps, as well as why it is ...
Traceable AI and ArmorCode integration
Wednesday, August 24, 2022 by Brittany Hainzinger
ArmorCode has announced an integration with Traceable AI which will bring its data into the ArmorCode platform and improve Application Security Posture from code to cloud.
To move at the speed of business, modern applications are increasingly powered by APIs to deliver functionality. The challenge is that each new API must be secured and as the number of APIs in...
AppSecCon 2022 dates
Monday, May 9, 2022 by Freeman Lightner
The Purple Book Community, a community of top security leaders, announced that AppSecCon 2022 will take place May 18-19, 2022. The virtual event is expected to host thousands of leading security professionals from around the world.0
AppSecCon 2022 dates
When: May 18-19, 2022 from 9 a.m. to 2 p.m. (PT) each day
Where: Virtual Conference, Register Today! Presenta...
DevOps predictions for 2022
Wednesday, January 19, 2022 by Richard Harris
Yoav Landman, Co-Founder, and CTO of JFrog created Artifactory after 7 years as a senior consultant with AlphaCSP. He has held several senior technical roles with Attunity, Verve, and Sausage. Yoav holds a Master of Computing degree from RMIT University and a BA in Law (LLB) from Haifa University.
Low-Code/No-Code, Metaverse, and DevOps predictions for 2022
Landma...
Cloud and Edge computing 2022 predictions
Monday, January 17, 2022 by Brittany Hainzinger
Tobi Knaup is the CEO & Co-Founder at D2iQ, an independent Kubernetes company that 30% of the Fortune 50 companies and the U.S. Department of Defense rely on for their most mission-critical apps. Knaup shares his 2022 predictions about the shifting cloud landscape.
The marriage of Cloud and Edge:
While both edge and cloud computing has been the subj...
Compliance as code adoption in 2022
Monday, January 10, 2022 by Freeman Lightner
Prashanth Nanjundappa is VP of Product Management at Progress. He has spent his entire career of over 20 years in the tech world, managing cross-functional high-performance teams, focused on building and launching enterprise and consumer products globally.
In the first 12 years of his career, Prashanth worked as a developer, technical lead, and architect for mobile, ...
App security testing platform lands from Oxeye
Monday, January 3, 2022 by Freeman Lightner
Oxeye announced the company’s Cloud-Native Application Security Testing Platform (CNAST). The new platform identifies code vulnerabilities, open-source vulnerabilities, and secrets to highlight the most critical issues in the software development lifecycle, delivering clear guidance for fast and accurate remediation.
App security testing platform CNAST
Accor...
Oxeye closes a $5.3 Million seed financing round
Thursday, November 4, 2021 by Brittany Hainzinger
Oxeye announced the closing of a $5.3 Million seed financing round led by MoreVC, a seed-stage venture capital fund in Israel. The latest round includes support from i3 Equity Partners, and other cybersecurity focused investors as the company prepares to protect the world’s most popular Web applications with next-generation cloud-native Application Security Testin...
Software testing with Visual AI
Thursday, September 30, 2021 by Brittany Hainzinger
Applitools announced its inclusion in new research published by Enterprise Management Associates (EMA) entitled, "Disrupting the Economics of Software Testing Through AI." According to the report, Visual AI has the highest impact on software testing as compared to other available applications of AI technology in the market today.
Software testing with ...
Increase developer productivity with webhooks from CircleCI
Thursday, September 2, 2021 by Freeman Lightner
CircleCI, the continuous integration, and continuous delivery (CI/CD) platform have announced CircleCI webhooks, a feature that provides software engineering teams the ability to build integrations that react to CircleCI job and workflow status notifications.
How to increase developer productivity with webhooks from CircleCI
Research shows that the performance lev...
SRE practitioner certification announced by DevOps Institute
Monday, July 26, 2021 by Brittany Hainzinger
DevOps Institute announced its Site Reliability Engineer (SRE) Practitioner certification. This advanced certification helps candidates validate their deeper application of practices, methods, and tools for advancing site reliability engineering practices at their organizations. The SRE Practitioner certification is tailored for anyone focused on large-scale servic...
Compliance automation will take center stage this year
Wednesday, May 26, 2021 by Richard Harris
Compliance automation uses artificial intelligence features and technology to make compliance procedures easier - according to most sources on the web, about the meaning of compliance automation.
Progress Software CEO Yogesh Gupta says with smart companies turning to a compliance-as-code approach to keep infrastructure, apps, and end-user devices secure and com...
DevSecOps will go mainstream this year
Tuesday, January 26, 2021 by Richard Harris
Cybercriminals love Shadow Code exploits because hacking a commonly used library or service can place the malicious code on hundreds or thousands of websites. For example, the widely used jQuery JavaScript library has been breached multiple times, leading to digital skimming attacks broadly across the e-commerce sector. Adding jQuery to an application without ...
How DevOps will change in 2021
Saturday, January 9, 2021 by Freeman Lightner
DevOps will become much more security-aware. We’ll see greater attention paid to the newly expanded surface area created in the practice of DevOps and how to proactively protect against vulnerabilities in DevOps.
How DevOps will change in 2021 and the Impact from it
First, IT Ops and DevOps teams will need to reorient their processes to one that unifies...
Low code innovation predictions for 2021 from Gigaom
Tuesday, January 5, 2021 by Richard Harris
Distributed architectures drive development. We’re seeing a great deal of interest in microservices, containers, serverless, not just for new-build but also as a way to reface older applications and data. These architectures, which will also be hugely important for Edge and IoT, have an impact on how applications are built, as each distributed service needs to be ...
Political app vulnerabilities raise concern
Thursday, October 22, 2020 by Doug Dooley
With election season upon us, the US population is being inundated by candidate and proposition propaganda from a variety of sources – including television, the US mail, and mobile device apps. As annoying as this flood of information is at times, it’s important to understand that when it comes to these popular apps, and in fact all apps, if certain security...
GitLab acquires Peach Tech and Fuzzit
Friday, June 12, 2020 by Brittany Hainzinger
GitLab announced it has acquired Peach Tech and Fuzzit. These acquisitions will add fully-mature testing solutions including protocol fuzzing, API fuzzing, DAST API testing, and coverage-guided fuzz testing. This makes GitLab’s DevSecOps offering the first security solution to offer both coverage-guided and behavioral fuzz testing techniques as well as the fi...
Results from 2020 Quarterly Mobile Index report
Tuesday, May 19, 2020 by Brittany Hainzinger
PubMatic announced findings from their Q1 2020 Quarterly Mobile Index report, which shows that mobile advertising was much less affected by the coronavirus pandemic when compared to desktop advertising during the first three months of the year. With an accelerated shift to mobile, PubMatic advises publishers to take the current environment as an opportunity to review th...
Fourth annual DevSecOps survey from Gitlab
Monday, May 18, 2020 by Brittany Hainzinger
GitLab released the results of its fourth annual DevSecOps survey uncovering how roles across software development teams have changed as more teams adopt DevOps. The survey of over 3,650 respondents from 21 countries worldwide found that rising rates of DevOps adoption and implementation of new tools has led to sweeping changes in job functions, tool choices and or...
DevSecOps 7th annual Community Survey results
Wednesday, April 15, 2020 by Brittany Hainzinger
Sonatype published findings from its seventh annual DevSecOps Community Survey, based on responses from 5,045 software engineering professionals. The survey, developed and conducted in partnership with Carnegie Mellon’s Software Engineering Institute, CloudBees, DevOps Institute, DevOps.com, DevSecOps Days, NowSecure, Security Boulevard, Verica, and All Day DevOps...
Improve DevOps processes with API catalog
Thursday, March 26, 2020 by Richard Harris
One of the biggest trends in DevOps is the “shift left” approach when it comes to security, so much so that security conferences now host developer days, developer conferences host security days, and the two have melded into DevSecOps. But pragmatically, how do you implement security earlier into your development cycles? According to CloudVector VP of Engine...
Container runtime scanning open source software launched by Portshift
Thursday, March 26, 2020 by Brittany Hainzinger
Portshift introduced Kubei Open Source container scanning software. Kubei is a unique open source Kubernetes runtime images scanning solution, presented to invite developer collaboration for the hardening of runtime environments. Kubei identifies which pods were built from vulnerable images or contain newly discovered vulnerabilities, then it couples the Kubernetes info...
Best Practices for Kubernetes deployments from Portshift
Monday, January 27, 2020 by Richard Harris
Portshift presents five security best practices for DevOps and development professionals managing Kubernetes deployments. Integrating these security measures into the CI/CD pipeline will assist organizations in the detection and remediation of security issues earlier in the development process, allowing faster and shorter cycles while assuring safe and secure deployment...
New DevOps Institute program
Tuesday, August 13, 2019 by Richard Harris
DevOps Institue, a global member-based association for advancing the human elements of DevOps, revealed the introduction of its DevOps Institute Ambassador program. The program invites and acknowledges accomplished volunteers from across the globe who are committed to leading and empowering the DevOps Institute member community with the SKIL Framework to advan...
API contracts at the heart of security in 42Crunch release
Thursday, August 8, 2019 by Christian Hargrave
42Crunch, the creator of the industry's first API Firewall has released the API security platform with enhanced tools for developers to easily define security in OpenAPI contracts, enabling an agile DevSecOps experience, and providing full visibility into each individual API's security landscape. API security is complex and becomes a bottleneck wh...
Gitlab 12.0 released
Friday, June 28, 2019 by Christian Hargrave
GitLab is releasing 12.0 to help enterprises transform and accelerate DevOps adoption by bringing developers, operations professionals, and the security team together in the first single application for the entire DevSecOps lifecycle. With the 12.0 release, GitLab is building upon security features recently released - such as security dashboards, auto remediation and se...
Crowdsourced security and bug bounty adoption is spreading
Monday, May 20, 2019 by Richard Harris
There continues to be a fundamental imbalance in cybersecurity. Attackers are finding new ways to penetrate cyber defenses as targets proliferate to the cloud, mobile, and connected devices. Defenders need to take a proactive security approach.
The evolving threat landscape and the ever-widening security skills gap are giving rise to new approaches such as crowdsourc...
API security testing just got easier with 42Crunch's new scanner
Thursday, March 21, 2019 by Richard Harris
42Crunch officially released the 42Crunch API Platform, an API security cloud platform to discover vulnerabilities in APIs and protect them from attack. The 42Crunch Platform can protect SaaS, Web, or IoT APIs, as well as microservices.
This follows the launch of the free API Contract Security Audit tool at APISecurity.io earlier this month. The tool helps API d...