Clik here to view.
OpenSSF Siren: Security for One, Security for All
The OpenSSF Siren is a fresh, new take on ye old security mailing list.
View ArticleClik here to view.
AlmaLinux Introduces Engineering Steering Committee to Enhance Community...
AlmaLinux is keeping its Linux community in the technology loop.
View ArticleClik here to view.
Logz’s AI Chatbot Makes Your Observability Tools Smart(er)
Everyone is adding AI to their applications. Sometimes that's overkill. But Logz.io's IQ Assistant, which purports to make the most of your software stack's records, actually makes sense.
View ArticleClik here to view.
Lineaje Adds Module to Manage Open Source Software Security Lifecycle
This can help DevSecOps teams identify open source software projects that are not being well maintained.
View ArticleClik here to view.
Embrace Extends Mobile App Alliance with Grafana Labs
Grafana Labs and Embrace, a provider of a platform for troubleshooting mobile applications, this week extended their alliance to include integration with Grafana Cloud.
View ArticleClik here to view.
Open-Source Software Community Riled by Yet Another CVE
Another maintainer of an open-source software project has decided to no longer actively update IP address parsing utilities used widely by JavaScript developers.
View ArticleClik here to view.
How to Migrate an Observability Platform to Open-Source and Cut Costs
Migrating to an open-source stack is a better solution as it gives you control over telemetry data and reduces observability costs, despite challenges with existing service provider commitments.
View ArticleClik here to view.
The Future of Observability: How OpenTelemetry is Shaping IT Operations in...
OpenTelemetry (OTel) is going to do for IT operations what open-source software originally did for application development.
View ArticleClik here to view.
Survey Finds Speed of Software Deployment Outpacing Security
A survey of 5,315 individual contributors and leaders in development, IT operations and security finds two-thirds (66%) are releasing software faster than they were a year ago.
View ArticleClik here to view.
Endor Labs Adds Analytics and Patching Tools to Secure Open Source Software
Endor Labs today at the Black Hat USA 2024 conference revealed it has added an ability to determine how challenging it might prove to be to upgrade an open source software package, including its...
View ArticleClik here to view.
GitHub Steers Copilot Autofix Into Eye of AI Security Storm
GitHub has come forward with its new Copilot Autofix tool. This AI-driven software service is targeted at developers who need to address software vulnerabilities in code destined for traditional...
View ArticleClik here to view.
Survey Finds Compensation Drives Better Open Source Software Security Behavior
A survey of 400 maintainers of open-source software projects suggests IT organizations should be paying a lot more attention to the degree to which the stewards of these projects are compensated before...
View ArticleClik here to view.
Sonatype Report Surfaces Software Supply Chain Security Challenges
Sonatype today during a virtual All-Day DevOps (ADD) event shared the results of a report that finds there has been a 156% increase in the number of malicious open source packages year-over-year,...
View ArticleClik here to view.
Edera’s Big Container Security Question: Am I Isolated?
Kubernetes security company Edera has announced an open-source container security benchmark that probes users’ runtime environments and tests for container isolation. The emotively named Am I Isolated...
View ArticleClik here to view.
Lineaje Adds Module to Manage Open Source Software Security Lifecycle
This can help DevSecOps teams identify open source software projects that are not being well maintained.
View ArticleClik here to view.
Code Busters: Are Ghost Engineers Haunting DevOps Productivity?
A study coming out of Stanford University conducted by software engineering productivity specialist Yegor Denisov-Blanch claims that developer teams are rife with so-called ghost engineers who do...
View ArticleClik here to view.
Report Shines Spotlight on Open Source Software Security Challenges
An analysis of more than five million open-source software packages published by Lineaje, a provider of a platform for tracking open-source software components, finds 95% of security issues involve...
View ArticleClik here to view.
Perforce Forks Puppet, Community Considers Muppet
DevOps platform company Perforce is forking Puppet, the open-source configuration management technology it acquired in May 2022.
View ArticleClik here to view.
Best of 2024: Valkey is Rapidly Overtaking Redis
Redis is taking it in the chops, as both maintainers and customers move to the Valkey Redis fork.
View ArticleClik here to view.
Software Dev Culture Shock: “I Have to Do WHAT Now!?”
Software bills of materials (SBOMs) have sparked a real culture shock in developer teams that are being made to account for – and be scrutinized over – the minute decisions they make in the development...
View Article