For the most part, the demand for new technology to solve age-old problems has been a net increase in workload.
Lineaje Allies With Persistent Systems on Open Source Software Remediation Service
Lineaje and Persistent Systems are providing a managed service for remediating open source vulnerabilities that leverages AI technologies.
It’s Funny How We Forgot About Container Sprawl
Don MacVittie explains how DevOps technology and tools have saved developers from the horrors of container sprawl.
ForAllSecure Streamlines Application Security Testing
ForAllSecure provided early access to dynamic SBOM generation and SCA validation capabilities within its Mayhem Security automated code and API testing tool.
Low-Hanging Fruit, 2023 Edition: Part Two
Last time, we discussed setting up a comparative inventory system for your growing API footprint. The idea is that as security catches up to new technology deployments, enterprises will have to step up their game and implement those new technologies. API security is currently the biggest need because of exposure to the world, but not […]
The Security Pipeline
Over the last few years, the ability to secure our applications has grown, and deep integration into the DevOps toolchain has, too. There are more tools doing more security checks protecting more of the infrastructure and source than there have ever been. The key is putting them to use intelligently. We now have the ability […]
ReversingLabs: Increased Focus on Software Supply Chain Security
A global survey of 300 global executives, technology and security professionals found software containing vulnerabilities (82%) followed by secrets leaked through source code (55%), malicious code (52%) and suspicious code (46%) posed a serious risk to the business. Conducted by Dimensional Research on behalf of ReversingLabs, a provider of a platform for securing software supply […]
Managing Risk
We have built some beautiful toolchains that crank out a finished product on the fly without needing anything close to the level of intervention that was historically required. The most advanced organizations on an automation journey could change a line of code and then wait for the new version to hit production without doing a […]
ActiveState Makes All Tiers of Curated Artifact Repository Service Free
ActiveState today announced it is making all tiers of its ActiveState Artifact Repository service available for free for a limited time. The move aims to enable organizations to better secure open source software components incorporated within applications. Loreli Cadapan, vice president of product for ActiveState, said the ActiveState Artifact Repository exposes a set of curated […]
Chainguard Adds Private Edition of Code Signing Platform
Chainguard today added a private preview of a Chainguard Enforce Signing service, enabled by the open source Sigstore project, that allows developers to generate digital signatures for software artifacts using identities and one-time-use keys they create themselves. Kim Lewandowski, head of product for Chainguard, said Chainguard Enforce Signing provides an alternative to relying on a […]