DevSecOps
FIDO/WebAuthn Passkeys is Inevitable: Get on the Train ¦ IBM CEO Hates WFH
Richi Jennings | | 2FA, Arvind Krishna, authentication, devsecops, FIDO, google, Hybrid Work environment, ibm, managing remote workers, MFA, multi-factor authentication, multifactor authentication, Passkeys, Remote work, The Long View, two factor, WebAuthn, WFH, work from home, working from homeIn this week’s #TheLongView: The Passkeys authentication standard gets a huge boost, and Arvind Krishna wants workers back in the office ...
How DevSecOps Addresses Supply Chain Security
Gaurav Belani | | devsecops, software development, software security, Software Supply Chain Security, supply chain“The absence of security in the initial stages of system engineering is the single most significant cybersecurity gap and risk in modern system development.” This quote from tech entrepreneur Linda Rawson is ...
Codenotary Previews Secure SBOM Creation Service
Codenotary today made available a preview of a centralized repository service for generating and storing software bills of materials (SBOMs) that makes it simpler to securely share them as necessary. Moshe Bar, ...
Linux 6.3: What’s New ¦ AWS Layoffs are a Worry
Richi Jennings | | Amazon, Amazon Web Services, AWS, careers, DevOps careers, layoffs, linux, Linux 6.3, tech layoffs, The Long ViewIn this week’s #TheLongView: A new Linux kernel drops and layoffs at Amazon Web Services point to trouble ...
Cycode Adds ASOC Module to Streamline DevSecOps Workflows
Cycode has added a module to its platform for mapping metadata and events using graph technology that makes it simpler for application development and cybersecurity to consolidate alerts generated by their DevSevOps ...
GitLab Survey Reveals DevSecOps Gains
A global survey of 5,010 IT leaders, CISOs and developers published by GitLab this week found well over half (56%) of respondents are working for organizations that are using DevOps or DevSecOps ...
Report: Most IT Teams Can’t Fix Open Source Software Security
Mike Vizard | | dependencies, Lineaje, open source, Open Source Security Foundation, software securityLineaje, a provider of a platform for securing software supply chains, today published an analysis of 41,989 open source components embedded in the top 44 popular projects managed by the Apache Software ...
Mobb Launches Community Edition of Automated Remediation Tool
Mobb today made available a free community edition of a namesake tool that creates fixes to open source vulnerabilities. The fixes are based on the results of code scanning by a static ...
How Application Developer Turnover is Shaping Security
Observing the developer job market for the past two years reveals a surprising truth that has a profound impact on technology organizations. In the “new normal” of hybrid work, life moves fast ...
A DevOps Guide to the Language of DevSecOps
Security is increasingly important for DevOps due to the growing complexity of applications and the accelerated pace of development. As organizations adopt DevOps practices, they face new challenges in securing applications and ...
Android Apps Must Let Users Delete Data ¦ RISC-V in the Data Center
Richi Jennings | | Android, ARM, data center, data privacy, devsecops, GDPR, Google Play Data safety section, Green data center, IaaS, privacy, RISC-V, The Long View, x86 platformIn this week’s #TheLongView: Google forces apps to make deleting users’ data easier, and the RISC-V drumbeat grows louder ...
Synopsys Preps Extensions to Polaris SaaS Platform
Synopsys plans to extend the capabilities of its Polaris Software Integrity Platform for securing application development environments by adding dynamic application security testing (DAST) tools along with the ability to scan code ...
