DevSecOps
Putting the Security Into DevSecOps
The non-Newtonian fluid that’s composed of cornstarch and water has been around a long time, but Dr. Seuss’ 1949 book was the impetus for what it’s often called today – Oobleck, from ...
The 6 Pillars of DevSecOps: Pillar One-Collective Responsibility
With the increased interest in DevSecOps, the Cloud Security Alliance (CSA) and Software Assurance Forum for Excellence in Code (SAFECode) brought together a DevSecOps Working Group to identify and share best practices ...
WhiteSource Offers Free Spring4Shell Vulnerability Tool
WhiteSource has launched a free command-line interface (CLI) tool that detects vulnerable open source Spring4Shell vulnerabilities (CVE-2022-22965) that are impacting Java applications built using the Spring development framework. Susan St. Clair, director ...
What to Expect When Transitioning to DevSecOps
How do you ensure your DevOps pipeline is secure? Does DevSecOps protect you against serious breaches or is it just a way to allay the concerns of stakeholders about security in DevOps? ...
Akamai: Buying Linode | Firefox: Not OK | Gone: Google Vaccine Mandate
Richi Jennings | | Akamai, careers, COVID-19, Failure is the foundation of success—and the means by which it is achieved, Firefox, Gecko, Great Resignation, Linode, Mozilla, remote workers, The Long View, WFH, work from homeIn this week’s The Long View: Linode bought by Akamai, Firefox market share “measly,” and Google brings staff back to the office ...
How to Seamlessly Transition to DevSecOps
In the last few months, the cybersecurity world has been taken by storm following the discovery of the Log4Shell vulnerability. The zero-day had the potential to put much of the connected world ...
IBM ‘is Ageist and Sexist’ | IBM Mainframe-aaS | IBM Vaccine Mandate
Richi Jennings | | ageism, careers, cloud and mainframe, COVID-19, Devops for z/OS, Great Resignation, ibm, IBM Cloud, IBM Wazi, mainframe, mainframe security, remote working, The Long View, Those who know do not speak; those who speak do not know, WFH, work from home, z/OSIn this week’s The Long View: IBM’s employment practices get held up to scrutiny, IBM z/OSaaS breaks cover, and IBM encourages staff back to the office ...
Unreliable Server Scare | Information Batteries | ARM IPO PDQ
Richi Jennings | | ARM, cosmic rays, Fall seven times and stand up the eighth, Green data center, Information batteries, machine learning, muons, NVIDIA, reliability, SoftBank, The Long ViewIn this week’s The Long View: We worry about chips failing randomly, we ponder a new way of thinking about workload shifting, and we grok Arm’s IPO ...
Codenotary Launches Cloud Service to Generate SBOMs
Codenotary has launched a Codenotary Cloud platform that can automatically generate a software bill of materials (SBOM) and make it easier to discover what components have been included in an application. Moshe ...
Why Developer-First is the Future of AppSec
DevOps culture and rapid cloud adoption mean developers are shipping code faster than ever and, in many cases, security teams struggle to keep up. To avoid relegating security to afterthought status, organizations ...
App Store Antitrust Bill | GDPR vs. Google Fonts | Wordle Worth $1M+
Richi Jennings | | app stores, Apple, devsecops, GDPR, google, , Open App Markets Act, The Long View, The New York Times, WordleIn this week’s The Long View: The Open App Markets Act polls well among devs, Germany fines a website for using Google Fonts, and the NY Times buys Wordle for an unfeasible ...
Improving Software Security in 2022
Pieter Danhieux | | developer skills, secure code DevSecOps, Secure Code Warrior, Secure Software Summit, shift leftThe recent Log4j vulnerability showed just how quickly a security bug could disrupt not just an industry, but the entire world. Organizations, especially federal agencies, will always find themselves at some level ...
