Where the world meets DevOps Fri, 20 Oct 2023 15:44:39 +0000 en-US hourly 1 https://devops.com/wp-content/uploads/2021/10/android-chrome-256x256-1-130x130.png 32 32 https://devops.com/survey-sees-spike-in-untested-code-leading-to-a-devops-crisis/ Fri, 20 Oct 2023 15:44:39 +0000 https://devops.com/?p=166146 A Sauce Labs survey found many developers admitted they pushed code into a production environment without testing.]]> https://devops.com/outsystems-embraces-generative-ai-to-speed-app-dev/ Mon, 26 Jun 2023 17:34:08 +0000 https://devops.com/?p=162434 OutSystems, via a Project Morpheus initiative, intends to leverage generative artificial intelligence (AI) technologies to make it possible to automatically generate an application that developers will then use low-code tools to customize for specific use cases. In the meantime, the company is extending an existing alliance with Microsoft to provide a connector that integrates its […]]]> https://devops.com/a-devops-guide-to-the-language-of-devsecops/ https://devops.com/a-devops-guide-to-the-language-of-devsecops/#respond Fri, 07 Apr 2023 12:30:58 +0000 https://devops.com/?p=159644 Security is increasingly important for DevOps due to the growing complexity of applications and the accelerated pace of development. As organizations adopt DevOps practices, they face new challenges in securing applications and infrastructure: Increased complexity and automated processes: With automation at the core of DevOps, processes and applications are more intricate. This can introduce vulnerabilities […]]]> https://devops.com/a-devops-guide-to-the-language-of-devsecops/feed/ 0 https://devops.com/a-seven-point-checklist-for-getting-sast-right/ https://devops.com/a-seven-point-checklist-for-getting-sast-right/#respond Fri, 24 Mar 2023 12:30:22 +0000 https://devops.com/?p=159583 With so many physical products—from automobiles to airplanes and medical devices to industrial control systems—now being driven by software, product security has become a top-level concern for manufacturers. Software flaws can not only affect security by introducing vulnerabilities that can be exploited by attackers but also impact safety by compromising a product’s functional operation. In […]]]> https://devops.com/a-seven-point-checklist-for-getting-sast-right/feed/ 0 https://devops.com/google-allies-with-github-to-secure-software-supply-chains/ https://devops.com/google-allies-with-github-to-secure-software-supply-chains/#respond Thu, 07 Apr 2022 20:00:12 +0000 https://devops.com/?p=151416 Google today revealed it has been working with GitHub to create a forgery-proof method for signing source code as part of an ongoing effort to better secure software supply chains. Bob Callaway, technology lead for open source software supply chain security at Google, said a prototype of this method, written in the Go programming language, […]]]> https://devops.com/google-allies-with-github-to-secure-software-supply-chains/feed/ 0 https://devops.com/securely-streamline-code-signing-for-devops-and-devsecops/ https://devops.com/securely-streamline-code-signing-for-devops-and-devsecops/#comments Mon, 23 Nov 2020 08:00:57 +0000 https://devops.com/?p=140240 Introducing code-signing provides security within the application, but teams should take care to understand and implement the process effectively Digital certificate management, with hundreds or thousands of certificates required to support IT infrastructure, can easily lead to degradation of application integrity and unnecessary risk to the business. The cumbersome nature of siloed teams manually managing […]]]> https://devops.com/securely-streamline-code-signing-for-devops-and-devsecops/feed/ 1 https://devops.com/accurics-makes-infrastructure-as-code-more-secure/ https://devops.com/accurics-makes-infrastructure-as-code-more-secure/#comments Tue, 28 Apr 2020 12:00:59 +0000 https://devops.com/?p=135758 Fresh off raising $5 million in funding, Accurics today launched a platform that analyzes the code employed to manage infrastructure as code for vulnerabilities as well as indicators of drift to create a threat model for cloud application workloads and then, if necessary, automatically roll back cloud settings to their last known approved state. Accurics CEO […]]]> https://devops.com/accurics-makes-infrastructure-as-code-more-secure/feed/ 3 https://devops.com/securing-third-party-and-open-source-code-components-a-primer/ https://devops.com/securing-third-party-and-open-source-code-components-a-primer/#comments Thu, 24 May 2018 06:30:09 +0000 https://devops.com/?p=123865 The increasing popularity of open source code continues to be a boon for developers across the industry, allowing them to increase efficiency and streamline delivery. But there are security risks to be considered when leveraging open source and commercial code components, as each carries with it a significant risk of becoming the enemy within, creating […]]]> https://devops.com/securing-third-party-and-open-source-code-components-a-primer/feed/ 3