At this point, the concept of DevOps should be familiar to everyone. But with the rise of cybersecurity attacks, organizations have seen the need to incorporate security into the mix. Thus, the idea of DevSecOps. Though the concept and practices were created with the best intentions, the number of cybersecurity attacks continues to rise, which … continue reading
From the WannaCry ransomware attack that resonated across the globe, to the massive Equifax breach and series of security mistakes that followed, 2017 saw a major uptick in cyberattacks, with no signs of slowing down. While each incident was unique, they all highlighted the complexity of applying security at scale. Wrangling the vast number of … continue reading
A DevSecOps strategy won’t work if developers haven’t bought into the movement. CA Veracode held a virtual summit on Assembling the Pieces of the DevSecOps Puzzle yesterday to talk about the importance of developer security training in a DevOps environment. According to Sonali Shah, VP of product management and marketing for CA Veracode, while the … continue reading
Chef has announced the latest release of its compliance automation tool. InSpec 2.0 is designed to accelerate DevSecOps with cross-functional, infrastructure, security, assessment, and remediation features. “InSpec 2.0 builds on our commitment to build the essential tools and services needed for modern application teams to truly deliver on the promise of DevSecOps, fully integrating security … continue reading
There has been a lot of recent focus of shifting testing left, but a part of that which doesn’t get much attention is API testing. Akshay Aggarwal, CEO of PeachTech and founder and COO of Deja Vu Security, believes that companies can better manage API testing by approaching it in a DevSecOps way. It needs … continue reading
DevOps continued to dominate development teams and businesses throughout the year with organizations trying to reap the benefits. A Logz.io study found that despite DevOps being a well-known phenomenon, 50 percent of respondents are still in the process of implementing DevOps or have just implemented it within the past year. In the past year, many … continue reading
Security isn’t the only aspect overlooked in a DevOps approach. According to Robert Reeves, co-founder and CTO of Datical, a database automation company, database deployments are often forgotten about. “Pushing out the application is the easy part of DevOps,” he said. “It is managing and automating database changes that is the real challenge.” According to … continue reading
In a recent survey conducted by Gartner, the organization found that the highest-ranked strategy for a successful DevOps approach was collaboration with information security. “In the past 12 months at Gartner, how to securely integrate security into DevOps — delivering DevSecOps — has been one of the fastest-growing areas of interest of clients, with more … continue reading
Software is the lifeblood of most businesses today. So, what happens if that software is unreliable or insecure? It seems like a no-brainer that the software being pushed out should be protected. But, as software is being developed and deployed at a rapid pace, an important aspect of the life cycle gets lost in the … continue reading
The idea that developers don’t care about application security is a myth. A recently released report found that not only do developers take application security seriously, they take the time to find and fix vulnerabilities in their applications. “Developers want to create great code, and to them that also means code that won’t get their … continue reading
The final developer preview of Android 8.1 is now available. This is the last update Google plans to roll out before the operating system’s official launch. The latest update will have optimizations for Android Go and a new Neural Networks API, as well as several other enhancements. Android 8.1 will be available on all supported … continue reading
CA Technologies is bringing agile practices, intelligent automation, experience insights and end-to-end security to customers in its latest release. The company has announced the addition of more than 20 new products and enhancements to its Modern Software Factory portfolio at CA World 2017. “The Modern Software Factory frames how organizations transform themselves by leveraging agile, … continue reading