Search Results for: dependencies
You searched for dependencies - DevOps.com
Massive Number of Transitive Dependencies Traced to Open Source Code
An analysis of nearly 2,000 software packages published by Endor Labs found 95% of all application vulnerabilities can be traced back to a transitive dependency created when a developer used an open ...
CodeLogic Toolkit Increases Visibility Into App Dependencies
CodeLogic launched today a toolkit that enables developers to scan binaries, runtime application behavior and database connections and then leverage graph technology to identify connections and dependencies in real-time. Brian Pierce, CodeLogic ...
DevOps, Dependencies and SAFe — Unifying Value Streams to Accelerate Delivery
One of the ten principles of SAFe is to decentralize decision-making. As you break down dependencies and decentralize decision making to DevOps teams and value streams you’ll be moving from command and ...
Dependencies in Cloud-Native Apps can Amplify Risks
Hidden Dependencies in Cloud-Native Apps can Amplify Security Risks. Cloud-native applications and modern development practices result in applications that are highly distributed and loosely coupled. In many cases, organizations have no control ...
DevOps, Dependencies and SAFe — Unifying Value Streams to Accelerate Delivery
With SAFe, a major lean objective is to maximize customer value by achieving the shortest sustainable lead-time while maintaining the highest possible quality products and services. But to fully realize this vision, ...
Serverless is great, but what about the security of my AWS Lambda functions and their dependencies?
Function as a Service (FaaS) platforms patch your operating system dependencies for you, but do nothing to secure your application dependencies, such as those pulled from npm, PyPI, Maven and the like ...
An Open Source DevSecOps Platform for Securing Code & Dependencies
ShiftLeft Scan is an open-source platform designed to make automating security, as part of modern software development lifecycles, as easy as pie. It provides efficient workflows to get the right developer the right vulnerability information ...
Fire Alarms vs. Fire Hoses: Keeping Up with Dependencies
Today no one can claim ignorance about the need for an open source vulnerability strategy, so what is yours? Are you the fire alarm type, who prefers to sit tight unless a vulnerability alert is ...
Common Hidden Dependencies and How to Uncover Them
It’s no secret that a truly Agile approach minimizes the risk organizations assume with waterfall or other traditional project management methods, by letting teams iterate and inspect and adapt as they go ...
Is Backstage the Right Internal Developer Portal for You?
There has never been a better time to be a software developer. There is a language and framework to solve virtually any challenge we encounter. New tools, architectural patterns and methodologies like ...
Don’t Expect Developers to be Security Experts!
Developers are not security experts! Why not? And should they be? We’re still learning — sometimes through trial and error — the best way to tackle security issues that won’t negatively interfere ...