Refactoring a Live SaaS Environment

We decided to refactor and re-implement almost all of our back-end and UI. This is how we went through the design and implementation. You can experience the new design by trying ShiftLeft ...

U.S. Elections: Effectively Balancing Access and Security

For a Democratic Party desperate to unseat President Trump in November, the primary election process has been filled with large-scale technology failure, official miscalculations, voter annoyance and public embarrassment, not to mention ...

Sonatype: Fighting COVID-19 Together

The world is facing an unprecedented challenge with communities and economies everywhere affected by the growing COVID-19 pandemic. That's the bad news. The good news however is that the entire world -- ...

Security Compass CEO Sets DevSecOps Strategy

Security Compass, a provider of tools for streamlining risk analysis, has appointed Rohit Sethi to be its CEO after receiving additional funding from FTV Capital. Security Compass founder and previous CEO Nish ...
Security Boulevard

PSA: Beware of Exposing Ports in Docker

Docker is an awesome technology, and it’s prevalent in nearly every software developer’s workflow. It is useful for creating identical environments and sharing them between development, testing, production, and others. It’s a ...

“This is the New Op Model” – Why State Farm Sponsored ADDO, and the Results

Sonatype is among the many supporters of All Day DevOps (ADDO), the world’s largest conference for DevOps practitioners. Close to 40,000 people attended this year’s 24-hour event -- and 10% of them ...

A New Approach to Application Security Testing

If the appsec industry were to develop a better AST solution from scratch, what would it look like? As software, aka applications, microservices, and workloads, increasingly moves into the cloud, its protection has ...

ShiftLeft Ocular Identifies Business Logic Flaws 10x Faster than Manual Code Reviews

Today we’re announcing enhancements to Ocular that empower organizations to discover business logic flaws during application development 10 times faster than manual code reviews. Updates to Ocular include support for four new programming ...

NIST proposes Secure Software Development Framework

Ever since Bill Gates fired off his famous Trustworthy Computing memo in January 2002, developing secure software has been a hot topic of discussion. It was important before then, for sure, but ...

DevSecOps Makes a Difference, but Uptake is Slow

A new study touts the benefits of DevSecOps practice for improving security posture, but finds it is slow to catch on in many organizations. The survey released this month from Sonatype, CloudBees, ...