Continuous Testing
Three Ways to Speed up SAST
In modern, continuous software development life cycle (SDLC) processes, when code is written and before it’s committed to the repository, it’s run through testing, which may include unit testing, regression testing or ...
Four Causes of Technical Debt in DevOps
Bill Doerrfeld | | application architecture, continuous deployment, Life cycle management, technical debtIdeally, DevOps should retain a lean footprint, but avoiding technical debt is easier said than done. As such, over half of IT leaders report technical debt is a big or critical problem ...
Sonatype Report Surfaces Scope of Known Vulnerability Challenge
Sonatype this week published a State of the Software Supply Chain Report that found a 633% year-over-year increase in malicious attacks aimed at open source software residing in public repositories. In addition, ...
Datadog Extends Reach of Integrated DevOps Platform
Mike Vizard | | cloud cost management, cloud security posture management, datadog, DevOps metrics, IT observabilityAt its Dash 2022 conference, Datadog announced today it is extending the reach of its namesake cloud-delivered monitoring and observability platform to address continuous testing, application security and cost management. In addition, ...
Making SBOMs Actionable
A software bill of materials (SBOM) is a list of all the software components found in a given codebase or used in a given software build. Great. So, now what? Why do ...
JFrog Adds Module to Better Secure Software Supply Chains
JFrog today added a JFrog Advanced Security module to its Artifactory repository that enables DevOps teams to scan both binaries and source code for vulnerabilities and misconfigurations. Stephen Chin, vice president of ...
DevOps Principles, Implementations and Culture
When organizations begin using DevOps for application development, many only reference DevOps as part of their infrastructure and select a subset of DevOps before understanding the cultural and process changes needed for success ...
Implementing Data-Driven DevSecOps
Tom Tovar | | data analysis, devsecops, mobile application testing, mobile security, software securityRight now, the way DevSecOps is typically implemented doesn’t fit with the rapid and agile DevOps CI/CD pipeline at all. It’s like applying 19th-century firefighting methods to a modern forest fire. Back then, ...
Google Looks to Secure Software Supply Chains
At the Google Cloud Next '22 conference, Google today launched a managed Software Delivery Shield (SDS) service to enable DevOps team to store, manage and secure the build artifacts in Artifact Registry ...
5 Ways to Transform DataOps With Human-in-the-Loop Automation
We are in the middle of a data renaissance. Today, it’s not just about data instrumentation but also learning how to make DataOps a real business advantage for the entire organization. Data ...
Allstacks Adds Alert Capability to VSM Platform
Allstacks has added an alert capability to its software-as-a-service (SaaS) value stream management platform that automatically notifies DevOps teams when software project goals and deadlines are likely to be missed. The core ...
Endor Labs Applies Graph Analysis to Secure Software Supply Chains
Endor Labs exited stealth mode today to launch a platform that applies graph analysis to identify the depth of dependencies that exist within an application. Fresh from raising $25 million in funding, ...
