Tag: SCA
JFrog Adds Ability to Track Usage of AI Coding Tools
Mike Vizard | | AI API management, AI code auditing, AI coding tools, AI compliance tracking, AI Governance, AI in DevOps, AI model inventory, AI risk mitigation, AI-generated code, application security, code risk detection, devsecops, Large Language Models, LLM security, MLOps, SCA, secure coding practices, Shadow AI detection, software composition analysis, software provenance, Software Supply Chain Security, software vulnerabilities, source code scanningJFrog introduces AI-Generated Code Detection and Shadow AI Detection tools to identify AI-created code, track model usage, and enhance DevSecOps governance across software supply chains ...
SBOMs Are Not Enough
Track your components, patch when needed and you’ve got your risk covered. But that’s only part of the story ...
The IT-DevOps Life Cycle is Like a Pyramid That Keeps Growing
Don Macvittie | | application testing, coding assistant, IT architecture, SaaS, SBoM, SCA, security testing, workloadFor the most part, the demand for new technology to solve age-old problems has been a net increase in workload ...
It’s Funny How We Forgot About Container Sprawl
Don MacVittie explains how DevOps technology and tools have saved developers from the horrors of container sprawl ...
ForAllSecure Streamlines Application Security Testing
ForAllSecure provided early access to dynamic SBOM generation and SCA validation capabilities within its Mayhem Security automated code and API testing tool ...
Technical Debt: Don’t Buy Buzzwords
Buying into the 'next big new shiny thing' only increases your technical debt. Don MacVittie advises only buying what's necessary ...
Low-Hanging Fruit, 2023 Edition: Part Two
Don Macvittie | | container, container Registry, container security, SBoM, SCA, security, software bill of materials, Software Supply Chain, Source Composition AnalysisLast time, we discussed setting up a comparative inventory system for your growing API footprint. The idea is that as security catches up to new technology deployments, enterprises will have to step ...
The Security Pipeline
Don Macvittie | | agile, container image scanning, DAST, devsecops, IAST, SAST, SBoM, SCA, security, security integrationOver the last few years, the ability to secure our applications has grown, and deep integration into the DevOps toolchain has, too. There are more tools doing more security checks protecting more ...
Software Supply Chain Risk Management: A 2023 Guide
Software supply chain risk management (SSCRM) refers to the process of identifying, assessing and mitigating risks associated with third-party software components and services that are integrated into software products. SSCRM involves understanding ...
Addressing Software Supply Chain Security
Tomislav Pericin | | DAST, SAST, SCA, Software Supply Chain, software supply chain attacks, Software Supply Chain SecurityIt’s essential for organizations to learn more about the software supply chains they rely on and the steps needed to secure them. In just the past few years, we have seen a ...
Modern DevOps is a Chance to Make Security Part of the Process
I’ve mentioned before, and many of you have lived through, the slowly changing beliefs around DevOps versus security. We are past the days of “Security slows us down” and into “How can ...
ReversingLabs Adds Ability to Detect Secrets in Application Binaries
ReversingLabs today announced it added an ability to detect secrets exposed in application binaries to its Software Supply Chain Security (SSCS) platform. Tomislav Peričin, chief software architect for ReversingLabs, said this addition ...
