DevSecOps
How to Seamlessly Transition to DevSecOps
In the last few months, the cybersecurity world has been taken by storm following the discovery of the Log4Shell vulnerability. The zero-day had the potential to put much of the connected world ...
IBM ‘is Ageist and Sexist’ | IBM Mainframe-aaS | IBM Vaccine Mandate
Richi Jennings | | ageism, careers, cloud and mainframe, COVID-19, Devops for z/OS, Great Resignation, ibm, IBM Cloud, IBM Wazi, mainframe, mainframe security, remote working, The Long View, Those who know do not speak; those who speak do not know, WFH, work from home, z/OSIn this week’s The Long View: IBM’s employment practices get held up to scrutiny, IBM z/OSaaS breaks cover, and IBM encourages staff back to the office ...
Unreliable Server Scare | Information Batteries | ARM IPO PDQ
Richi Jennings | | ARM, cosmic rays, Fall seven times and stand up the eighth, Green data center, Information batteries, machine learning, muons, NVIDIA, reliability, SoftBank, The Long ViewIn this week’s The Long View: We worry about chips failing randomly, we ponder a new way of thinking about workload shifting, and we grok Arm’s IPO ...
Codenotary Launches Cloud Service to Generate SBOMs
Codenotary has launched a Codenotary Cloud platform that can automatically generate a software bill of materials (SBOM) and make it easier to discover what components have been included in an application. Moshe ...
Why Developer-First is the Future of AppSec
DevOps culture and rapid cloud adoption mean developers are shipping code faster than ever and, in many cases, security teams struggle to keep up. To avoid relegating security to afterthought status, organizations ...
App Store Antitrust Bill | GDPR vs. Google Fonts | Wordle Worth $1M+
Richi Jennings | | app stores, Apple, devsecops, GDPR, google, , Open App Markets Act, The Long View, The New York Times, WordleIn this week’s The Long View: The Open App Markets Act polls well among devs, Germany fines a website for using Google Fonts, and the NY Times buys Wordle for an unfeasible ...
Improving Software Security in 2022
Pieter Danhieux | | developer skills, secure code DevSecOps, Secure Code Warrior, Secure Software Summit, shift leftThe recent Log4j vulnerability showed just how quickly a security bug could disrupt not just an industry, but the entire world. Organizations, especially federal agencies, will always find themselves at some level ...
Securing Your Software Development Pipelines
Earlier this year, it was announced that the attack on IT management software provider SolarWinds had been used to compromise other organizations, including parts of the United States government. There were several ...
Salt Security Adds Support for GraphQL APIs
Salt Security has extended its platform for securing application programming interfaces (APIs) to include support for APIs built using GraphQL. GraphQL is an open source data query and manipulation language for APIs ...
Sysdig Adds Cloud Access Controls to DevSecOps Platform
Sysdig announced today that it is adding a Cloud Infrastructure Entitlements Management (CIEM) capability to its Secure DevOps platform as part of an effort to better enforce least-privilege access within the context ...
Codenotary Uses Immutable Database to Verify Software Artifacts
Codenotary today unfurled a free notarization and verification service for open source artifacts and containers to enable IT organizations to track the provenance of the components that make up their applications. Dennis ...
A Blueprint for Securing Software Development
Software development has changed dramatically in recent years, as technologies like DevOps, application containers, and cloud-native transform how software is built and distributed. Unfortunately, attackers have been paying close attention to these ...
