Security will continue to cause headaches in 2023. Not only will companies have to continue dealing with the normal issues like supply chain security and preventing ransomware, which they’ll continue to deal with, but a number of companies see other issues on the horizon for 2023. Supply chain attacks are ones in which the attackers … continue reading
Microsoft announced that Spring Cloud Azure version 4.5.0 has been released and is available from Maven Central. This is the first stable version to support passwordless connections to Azure Database for MySQL and Azure Database for PostgreSQL. Spring Cloud Azure is a framework that provides a way to build cloud-native applications using Azure services. It … continue reading
Developer security company Snyk today announced a $196.5 million Series G investment. The round was led by Qatar Investment Authority with participation from new investors Evolution Equity Partners, G Squared, and Irving Investors as well as existing investors boldstart ventures, Sands Capital, and Tiger Global. According to the company, this comes after a year of … continue reading
Contrast Security launched its developer-focused education program Contrast Security Learning Hub and the Contrast Community forum to broaden access to secure coding practices. The learning hub is a free program that provides interactive lessons on vulnerabilities across different languages and ecosystems. The program covers existing OWASP topics and JavaScript, Java, .NET, and Node.js programming languages. … continue reading
How developer-friendly is your organization’s security program? The answer is as important as ever in today’s digital economy. High-performing organizations empower developers with tools, training and resources to do high-quality work, with security top of mind. This results in the ability to build secure applications quickly that consistently meet expectations and mitigate risk. As we … continue reading
Security and value emerged as two important aspects of DevOps as 2022 unfolded. Yet, with as much success as organizations have achieved implementing their own DevOps strategies, many others struggled to make it work for them. Part of the struggle is an outgrowth of the “shift left” strategy advocated in the DevOps space, leaving developers … continue reading
1Password, the human-centric security and privacy company, today announced a solution intended to help companies improve the way that they manage and secure infrastructure secrets throughout the development lifecycle. According to 1Password, the new features, including the CI/CD integrations and 1Password Shell Plugins, offer developers the opportunity to secure their code by managing keys, credentials, … continue reading
GitLab announced limited availability of GitLab Dedicated, a platform for securely and privately hosting and managing GitLab instances, which makes the company’s DevSecOps platform available as a single-tenant SaaS solution. It provides advanced features such as automated backups, high availability, and automation of operations. It also offers a managed environment for hosting and managing Kubernetes … continue reading
The automated testing company, Code Intelligence, today announced that its open-source Command-Line Interface tool, CI Fuzz CLI, now enables Java developers to include fuzz testing in their current JUnit setup. With this, Java developers can locate functional bugs as well as security vulnerabilities at scale. According to the company, CI Fuzz CLI leverages genetic and … continue reading
Snyk announced many innovations that extend the scope of the company’s Developer Security Platform during its SnykLaunch Fall 2022 event. This includes the general availability of Snyk Cloud, which offers tools to help fix software vulnerabilities such as a vulnerability scanner and a patch management system that was launched in July 2022 with limited availability. … continue reading
Google announced that it open-sourced several components for its secure operating system called KataOS as part of an effort to build verifiably secure systems for embedded hardware. Google Research aims to solve this problem by providing a secure platform optimized for embedded devices running ML applications. SeL4 is the microkernel for the project because it … continue reading
The team at the monitoring and security platform for cloud applications, Datadog, has announced the general availability of Datadog Continuous Testing. This helps developers and quality engineers create, manage, and run end-to-end tests for their web applications. This release is intended to simplify test creation in order to speed up software release cycles by providing … continue reading