Ayala Goldstein

Blog – WhiteSource

Shifting left quality and security testing has finally become a practice that organizations are embracing. But even before testing the code comes code review, beginning at the earliest stages of development. Code review is essential for detecting and remediating code defects and errors before production, when they are relatively easy ... Read More

Many software developers tend to see patch management as another tedious security task that gets in the way of the development process. However, considering Forresters’s recent State of Application Security Report for 2020 predicted that application vulnerabilities will continue to be the most common external attack method, patch management is ... Read More

Free and open source software (FOSS) components have become the basic building blocks of our software products, helping today’s developers build and ship innovative products faster than ever before. Many developers tend to forget that while open source licenses are free, they still come with a set of terms and ... Read More

Open source components are a major part of the software products we create and use. Along with the many advantages that using open source projects brings to software development organizations, it also comes with obligations and added responsibilities. One of these requirements is open source licensing compliance. This is a ... Read More

Static Application Security Testing (SAST) has been a central part of application security efforts for the past 15 years. Considering Forrester’s recent State Of Application Security Report, 2020 prediction that application vulnerabilities will continue to be the most common external attack method, it’s safe to say that SAST will be ... Read More

Observability has recently become quite the buzzword, populating headlines in DevOps and IT publications. Industry experts like Charity Majors, CTO and co-founder of Honeycomb, and Cindy Sridharan, to name a few, have been spreading the word about the importance of observability, making it clear that it’s more than just a ... Read More

These days, remote work has gone from an interesting trend to consider, to a practice that many of us must adopt. The office conference room has been replaced by virtual ones, often the only place we get to catch up with our colleagues in these ever-changing and often confusing times ... Read More

Open source legend has it that Tim O’Reilly coined the term InnerSource back in 2000. While O’Reilly confesses that he doesn’t remember coming up with the term, he does remember recommending to IBM late in the 1990’s that they adopt some of the elements that make open source magic, namely ... Read More

The DevOps revolution has provided us with quite a few trends and buzzwords to experiment with. One of the most popular is GitOps, that term introduced by Weaveworks, echoing through practically every hall in the latest San Diego KubeCon, and its recaps. Over the past year or two, I’ve seen ... Read More

Open source licenses are usually viewed by developers as the dreary compliance bits that legal advisors have to take care of while they are busy creating the innovative software products of tomorrow. However, as organizations across all industries and verticals have embraced open source usage, some open source projects have ... Read More