GitLab Adds Fuzz Testing to DevSecOps Toolbox
GitLab today announced it has acquired Peach Tech, a provider of protocol fuzz testing and dynamic application security testing (DAST) API testing tools, and Fuzzit, a continuous fuzz testing tool, as part of its efforts to advance the adoption of best DevSecOps practices. David DeSanto, director of product for GitLab Secure & Defend, said the […]
Using this Time to Optimize Your Dev Team’s Workflow
As Andy Warhol once said, “They always say time changes things, but you actually have to change them yourself.” This more than ever resonates with the change that companies have found themselves experiencing of late. The more the world embraces digital methods of work, the more that change becomes paramount to a successful workflow. It […]
Who’s Responsible for Security? Apparently, It Depends
More than 10 years after organizations began implementing DevOps, responsibility for security still resembles the proverbial chicken and egg dilemma. GitLab’s 2020 Global DevSecOps Survey asked developers, security team members, operations pros and testers about sole responsibility for security in their organizations. About 28% of developers, 33% of security teams, 21% of ops pros and 23% […]
The DevOps Sweet Spot: Inserting Security at Pull Requests (Part 2)
In part one of this two-part series, I explored how organizations can more effectively automate security quality decisions and discard doing automation for automation’s sake. I shared why security scans need to be faster, more reliable and comprehensive. Only then can security be meaningfully automated into developer workflows without slowing them down. But, the other […]
Better Apps and Better Security When You Shift Left
Tens of thousands of people and hundreds of cybersecurity vendors descended on San Francisco at the end of April. While the RSA Conference was the primary draw, there are a number of peripheral events that go on throughout the week as well, such as the Cloud Security Alliance Summit, the CIO/CISO Interchange, BSides San Francisco […]
Survey Sees Little Progress in Drive to Shift Testing Left
It looks like the drive to shift testing left toward developers to accelerate the development and deployment of applications has stalled. A survey of 102 IT professionals involved in application testing published by Perforce, a provider of testing tools, finds only 18% of organizations test applications solely within their development feature teams. The rest continue […]
Shifting Left – But How Far Left Do Companies Need to Go?
For developers, there’s nothing more satisfying than looking at a web app or service and being able to say “I made that.” Or at least part of that. Being able to develop code that works and helps millions of people do what they need to get done is an excuse for bragging rights. But the […]
Practical Approaches to Long-Term Cloud-Native Security
There is no shortage of advice out there about how to secure modern, cloud-native workloads. By now, most developers and IT engineers who work with cloud-native deployments have heard all of the mantras about DevSecOps, shift-left security, multi-layer defenses and dynamic baselining (to name just some of the key concepts that are driving IT security […]
How Organizations Benefit from AWS App Patterns
As a startup, an organization thrives by breaking rules, challenging the status quo and standing for all that is against the norm. The same rules don’t apply once the same organization grows, matures, becomes popular, gains a long list of clients and expands to a global footprint. With scale and growth comes the need for […]
- « Previous Page
- 1
- …
- 4
- 5
- 6
- 7
- 8
- 9
- Next Page »