Sign up for our newsletter!
Stay informed on the latest DevOps news

staging-devopsy.kinsta.cloud

New Relic Bolsters Observability Platform

by Leave a Comment

New Relic has updated its observability platform to include the ability to better detect and track errors in addition to monitoring vulnerabilities. At the same time, an instance of the New Relic observability platform that runs natively on the Microsoft Azure cloud platform is now also generally available. Manav Khurana, general manager for observability product […]

Software Supply Chain Security Debt is Increasing: Here’s How To Pay It Off

by Leave a Comment

Last year, the world woke up to the software supply chain dilemma. We saw a spike in attacks as hackers sought to exploit known and unknown vulnerabilities within dependencies. There is also the chance of typosquatting, and malicious code commits to consider. Such supply chain attacks have increased by a shocking 742% over the past […]

AppSec in the Cloud: What DevOps Teams Should Know

by Leave a Comment

Cloud application security refers to the measures and controls that are put in place to protect cloud-based applications and data from cyberthreats, unauthorized access and data breaches. These measures can include technical controls such as encryption, access controls and secure networks, as well as operational controls like policies and procedures for managing and securing data […]

Will DevSecOps Replace the Security Operations Center?

by Leave a Comment

Traditionally, a security operations center (SOC) is a physical facility where an organization performs information security activities. The SOC team analyzes and monitors the organization’s security systems. A SOC aims to protect businesses from security breaches by identifying, analyzing and responding to cybersecurity threats.  The SOC team consists of administrators, security analysts and security engineers. […]

How SASE Can Ease DevSecOps Adoption

by Leave a Comment

DevSecOps is a software development methodology that merges development (Dev), security (Sec) and operations (Ops) into one team that integrates security throughout the entire software development life cycle (SDLC). The goal is to deliver high-quality applications quickly and securely. The traditional software development life cycle introduces security in the late phases of the SDLC. However, […]

Salesforce Launches Low-Code DevOps Platform

by Leave a Comment

Salesforce made generally available today a low-code DevOps Center service on its infrastructure through which developers are provided an opinionated platform for building custom applications. The Salesforce DevOps Center service is based on the same object model Salesforce uses to construct its own applications. Karen Fidelak, senior director of product management at Salesforce, said after […]

Massive Number of Transitive Dependencies Traced to Open Source Code

by Leave a Comment

An analysis of nearly 2,000 software packages published by Endor Labs found 95% of all application vulnerabilities can be traced back to a transitive dependency created when a developer used an open source component. The study, conducted by the Station 9 research arm of Endor Labs, a provider of a platform for identifying software dependencies, […]

Codenotary Extends Dynamic SBOM Reach to Serverless Computing Platforms

by Leave a Comment

Codenotary has extended the reach of its platform for automatically generating software bills of materials (SBOMs) to serverless computing platforms running software constructed using functions. Codenotary CTO Dennis Zimmer said because serverless apps are dynamically created, it’s not possible to generate SBOMs using traditional approaches. The TrueSBOM platform makes it possible to create an SBOM […]

Chainguard Adds Private Edition of Code Signing Platform

by Leave a Comment

Chainguard today added a private preview of a Chainguard Enforce Signing service, enabled by the open source Sigstore project, that allows developers to generate digital signatures for software artifacts using identities and one-time-use keys they create themselves. Kim Lewandowski, head of product for Chainguard, said Chainguard Enforce Signing provides an alternative to relying on a […]

How Devs Can Improve Open Source Security in the Enterprise

by Leave a Comment

Modern applications are dynamic. They’re distributed and they’re often born in the cloud. These applications can be developed on the fly, spun up and scaled quickly to meet evolving user and market demands—enabling a level of business agility that allows users to make quick, informed decisions in real-time and take advantage of opportunities as they […]