Development

A Modern Development Stack Makes Work More Fun

| | career, company, Development
One of the many things I like about working at Cequence, over and above the protection value we provide our customers, is our commitment to using modern application development tools like Kubernetes, ...
Cequence
ShiftLeft NG SAST integration with Bitbucket Code insights

DevSecOps with Atlassian Bitbucket

| | BitBucket, Development, DevSecOps, productivity, Terraform
DevSecOps with BitbucketThis article was originally published at ShiftLeft Blog.In my inaugural post on DevSecOps with GitHub, I made an assertion that achieving good productivity is a continuous journey and a shared ...
ShiftLeft Blog - Medium
DevOps productivity series — GitHub for DevSecOps

DevOps productivity series — GitHub for DevSecOps

| | Code, Development, DevSecOps, productivity, Terraform
GitHub & DevSecOps Productivity TipsThis article was originally published at ShiftLeft Blog.My colleague Andrew Fife wrote about our passion to focus on developer experience and productivity with our NextGen Static Analysis platform ...
ShiftLeft Blog - Medium
An Oxymoron : Static Analysis of a Dynamic Language (Part 4)

An Oxymoron : Static Analysis of a Dynamic Language (Part 4)

| | Cybersecurity, Development, DEVOPS, Javascript, nodejs
An Oxymoron : Static Analysis of a Dynamic Language (Part 4)Taint Flow challenges in a world of untyped and async event handlingFrom the previous post we concluded that type-checking at compile-time can ...
ShiftLeft Blog - Medium
Thoughts on the state of enterprise open source

Thoughts on the state of enterprise open source

| | Cloud, Development, DEVOPS, open source, security
“Open source is bad since it’s full of security vulnerabilities, unmaintained dependencies and poor documentation,” said this security vendor as they began their opening speech before delving into their product that offered ...
ShiftLeft Blog - Medium

Moving Fast Without API Guardrails?

| | API Attack, API security, application, Development, General
In 1999, Bruce Schneir wrote, “complexity is the worst enemy of security.” Today, I’d argue that speed may be overtaking that top spot or coming darned close. There were two stories published ...
Cequence
Are we ready for Cloud Workspaces?

Are we ready for Cloud Workspaces?

| | cloud computing, Development, DEVOPS, security, workspace
TL;DR - Yes, we are getting there, and we ❤️ them already!IntroductionWeb-based IDEs such as GitHub & Visual Studio Codespaces (originally Visual Studio Online), Gitpod based on Eclipse Theia are now offering ...
ShiftLeft Blog - Medium
Your 2019 Essential Software Security, Development, & DevOps Conferences

Your 2019 Essential Software Security, Development, & DevOps Conferences

| | AISA Australian Cyber Conference, Application Security Trends, BitKom Hub Berlin, Black Hat USA, Blog, BSides Las Vegas, BSides Vancouver, CISO Africa, DefCon 27, DeveloperWeek, Development, DEVOPS, DevOps Conferences, DevSecCon London, DevSecCon Singapore, Gartner Security & Risk Management Summit, HouSecCon, infosecurity-europe, IT Security Expo and Congress, it-sa, Les Assises, Nullcon X Conference, Rencontres De La Securite, RSA Conference, RSA Conference APJ, Software Security, Top 100 CISO Awards & Annual Summit
“DevOps” encompasses a wide range of topics – throw security in there and you’ve added even more. This roundup includes events throughout the year and around the globe, from small events to ...
Blog – Checkmarx
personality traits

People: The Critical Element in DevSecOps

| | Development, DEVOPS, DevSecOps, security, software
In his talk, “DevOps is Automation, DevSecOps is People,” at the 2018 Security Congress in New Orleans, Mike Shema, CISO at Colbalt.io, said there needs to be a more collaborative approach when ...
Security Boulevard
Joe Goldberg

Site Reliability Engineering – From DevOps to NoOps

| | Cloud, cloud computing, developer, Development, DEVOPS, Engineering, Infrastructure, SRE
Site Reliability Engineering (SRE) is a practice that combines software development skills and IT operations into a single job function. Automation and continuous integration and delivery are used to reach the goal ...
CCSI
Load more