Tag: open source
Open Source Software Security Concerns with Spike Curtis
Spike Curtis, principal engineer for Coder Technologies, dives into why open source software security concerns are valid, and why the only viable option is to invest more in securing software supply chains ...
Life After Death, HeroDevs Acquires Xeol To Remediate Unsupported Software Zombies
Xeol tracks end-of-life data in 100,000+ open-source software packages to help identify and remediate unsupported software in one streamlined workflow ...
Endor Labs Forks Semgrep to Opengrep for Static Code Analysis
Software application development lifecycle (SDLC) analysis company Endor Labs has worked with a cadre of industry partners to launch Opengrep, a toolset designed to ensure static software application code analysis remains ...
Software Dev Culture Shock: “I Have to Do WHAT Now!?”
Software bills of materials (SBOMs) have sparked a real culture shock in developer teams that are being made to account for – and be scrutinized over – the minute decisions they make ...
Best of 2024: Valkey is Rapidly Overtaking Redis
Redis is taking it in the chops, as both maintainers and customers move to the Valkey Redis fork ...
Perforce Forks Puppet, Community Considers Muppet
DevOps platform company Perforce is forking Puppet, the open-source configuration management technology it acquired in May 2022 ...
Report Shines Spotlight on Open Source Software Security Challenges
An analysis of more than five million open-source software packages published by Lineaje, a provider of a platform for tracking open-source software components, finds 95% of security issues involve some type of ...
Code Busters: Are Ghost Engineers Haunting DevOps Productivity?
A study coming out of Stanford University conducted by software engineering productivity specialist Yegor Denisov-Blanch claims that developer teams are rife with so-called ghost engineers who do virtually no work ...
Sonatype Report Surfaces Software Supply Chain Security Challenges
Sonatype today during a virtual All-Day DevOps (ADD) event shared the results of a report that finds there has been a 156% increase in the number of malicious open source packages year-over-year, ...
Survey Finds Compensation Drives Better Open Source Software Security Behavior
A survey of 400 maintainers of open-source software projects suggests IT organizations should be paying a lot more attention to the degree to which the stewards of these projects are compensated before ...
GitHub Steers Copilot Autofix Into Eye of AI Security Storm
GitHub has come forward with its new Copilot Autofix tool. This AI-driven software service is targeted at developers who need to address software vulnerabilities in code destined for traditional applications and inside ...
Endor Labs Adds Analytics and Patching Tools to Secure Open Source Software
Endor Labs today at the Black Hat USA 2024 conference revealed it has added an ability to determine how challenging it might prove to be to upgrade an open source software package, ...