Despite the evident evolution of the software industry, many enterprises continue deploying testing practices that require intensive time and effort, while also facing increased pressure to do more and work faster. I like to call this phenomenon “scattered islands,” as it describes the disconnect in maturity and capability across the testing landscape. The key differentiator here […]
An overview of CI/CD and DevOps When it comes to software development, there are a variety of ideologies, practices, and workflows that can be applied. The aim for all software development teams is to be as efficient as possible and deliver a high-quality final product. Both DevOps and CI/CD (Continuous integration/continuous delivery) aim to do […]
The midmarket space has always been prime for innovation and opportunity. In the DevSecOps space, that is no different. If you look at this report or others about DevSecOps markets, two things stand out: The market is expected to explode to $14 billion by 2026 from today’s nominal $2 billion. The biggest driver of the increase is the rise […]
Introducing code-signing provides security within the application, but teams should take care to understand and implement the process effectively Digital certificate management, with hundreds or thousands of certificates required to support IT infrastructure, can easily lead to degradation of application integrity and unnecessary risk to the business. The cumbersome nature of siloed teams manually managing […]
2020 will be a year we all remember for so many reasons. It has been a year full of uncertainty and confusion, and also one in which misconceptions abound. In the world of software engineering, we feel this acutely as all eyes are on the engineering team to continue building innovative new products and solutions—maintaining the […]
The Open Source Security Foundation (OpenSSF), an arm of the Linux Foundation, is providing free security training for developers building and employing open source software starting later this week as part of an overall effort to advance best DevSecOps practices. Linux Foundation CTO Chris Aniszczyk said the Secure Software Development Fundamentals professional certificate program along with additional programs and […]
Harness, at its {Unscripted} 2020 conference today, announced its plans in the fourth quarter to make available as a beta a module that leverages machine learning algorithms to optimize build and test cycles on the Harness Continuous Integration (CI) Enterprise platform. At the same time, Harness is adding a beta of a Continuous Features module to enable DevOps teams […]
The assumption that large, established enterprises—from insurance companies to government agencies—can’t adopt Agile processes or DevOps is based on the falsehood that legacy technology stacks won’t allow for it; that existing traditional mainframe applications or legacy applications that large enterprises are built on are incapable of adapting to these approaches. Accelerated Strategies Group recently released […]
ZeroNorth has extended its namesake software-as-a-service (SaaS) platform for orchestrating DevSecOps toolchains to include integrations with Scout Suite, Aqua Trivy, Gitlab and BitBucket Server and the configuration management database (CMDB) from ServiceNow. The company is also adding application portfolio reports to surface the security policies applied to each application, scan results and progress of remediation work and […]
One of the most important shifts of the past few years in finance and banking was the movement from primarily branch-based banks to mobile-first banks. While these innovative products simplify the end user experience, they also bring up more security concerns, since digital channels expose a number of vulnerabilities. These apps deal with sensitive user […]