A new study from the University of Sydney, UESTC, and Google introduces efficient end-to-end encryption for Git services like GitHub and GitLab. Learn how this breakthrough could secure your code repositories without slowing development.
Whose Ops is it Anyway? How IDPs, AI and Security are Evolving Developer Culture
It was only a few years ago that perhaps the biggest hurdle for DevOps advocates was convincing leadership that it was worth the investment. That conversation has since shifted. In most organisations today, the value of faster releases, tighter feedback loops, and closer collaboration between development and operations is obvious. The challenge is no longer […]
Worms in the Supply Chain: Shai-Hulud and the Next DevOps Reckoning
DevOps was supposed to make software delivery faster, safer and more reliable. For the most part, it has. But every so often, something nasty crawls out of the shadows and reminds us how fragile the system really is. It wasn’t a zero-day in Kubernetes or a cloud misconfiguration that caught my eye. It was a […]
The EU’s Cyber Resilience Act: Redefining Secure Software Development
The European Union’s Cyber Resilience Act (CRA) marks a turning point for anyone building, selling, or maintaining digital products. Whether it’s enterprise software, consumer apps, IoT devices, or embedded systems, the CRA sets rigorous cybersecurity requirements that apply throughout a product’s entire lifecycle, from design and development to deployment, maintenance, and secure decommissioning. At its […]
HoundDog.ai Code Scanner Shifts Data Privacy Responsibility Left
HoundDog.ai today made generally available a namesake static code scanner that enables security and privacy teams to enforce guardrails on sensitive data embedded in large language model (LLM) prompts or exposed artificial intelligence (AI) data sinks, such as logs and temporary files, before any code is pushed to production. Company CEO Amjad Afanah said the […]
“Shove Left” – Dumping Downstream Tasks Onto Developers – A Recipe for Failure
Beware the “Shove Left” anti-pattern. Simply dumping downstream tasks onto developers without changing the system is a recipe for burnout, inefficiency and failure.
Survey Surfaces Significant Lack of Visibility Into Software Supply Chain Risks
A global survey of 1,500 C-suite and senior executives published today finds about half (49%) concede their organization lacks the visibility needed to fully understand – or even identify – software supply chain risks.
Why DevSecOps Isn’t a Thing Yet
One of the biggest obstacles to DevSecOps adoption is the cultural gap between development, security, and operations teams.
Shift Left Alone is No Longer Enough, Runtime Context is Key
For a long time, security teams have been told that shifting left is the key to securing their apps and systems. And until recently, this was (mostly) sufficient. As long as security experts were included early enough in the development process, it worked to ensure that security awareness starts at the development and even design […]
JFrog Extends Alliance With NVIDIA to Secure AI Software Supply Chain
JFrog and NVIDIA today announced they have expanded the integrations between their software development platforms to now include the Enterprise AI Factory, a set of frameworks and blueprints for building artificial intelligence (AI) applications. As a result, software artifacts created using the NVIDIA Enterprise AI Factory can be housed in the JFrog Software Supply Chain […]
- « Previous Page
- 1
- …
- 3
- 4
- 5
- 6
- 7
- …
- 113
- Next Page »