Progress announced 10 years of partnership with emt Distribution — a leading cybersecurity distributor in the Middle East and Africa.
ActiveState surveyed developers and programmers in 92 countries to better understand their pain points and assess how businesses can better work with their organizations. The survey results establish a starting point for understanding the challenges that coders (developers, engineers, data scientists, QA and so on) confront when working with open source runtimes.
Blocks to Productivity
One fact the survey highlighted is that developers need to streamline their workflow in order to increase productivity. Developers and programmers spend only two to four hours of their day programming, on average. Productivity is disrupted due to time spent managing other issues such as polyglot environments and retrofitting. Enterprises are lacking resources that developers need to streamline their workflow.
The survey confirmed that security, defined here as being up to date with the latest or most secure version of packages used, is suffering. Management is unable to assess risks due to lack of visibility. For instance, 61 percent of respondents found it difficult or very difficult to get information about package quality – security, activity or updates.
Production code isn't being tracked, creating a gap in vulnerability assessment. This creates additional issues in security as there is lack of visibility of where code is specifically running that requires updates or patches. Consequently, half of developers surveyed expressed a deep concern about security.
In addition, new tool adoption turns out to be more cumbersome than helpful. In fact, developers already spend 74 % of their time managing dependencies and development tools. A whopping 67 % – more than two-thirds – opted out of implementing a new programming language due to the hassle of incorporating a new programming language. Not surprisingly, adding or incorporating a programming language into an organization was rated the most difficult challenge, by a significant margin; 56% of all respondents rated this as difficult or very difficult.
Bridging the Developer-Enterprise Gap
The above survey data is an invaluable tool to measure and track progress towards solving open source runtime pains that developers are experiencing. In order to relieve developers of these pains and better enable quicker release updates, we need to look at a top-down and bottom-up approach. The gap between the developer and the enterprise needs to be bridged through clear communication of needs.
One approach is to have a "bill of materials" of all the packages running in production as well as the applications and their respective dependencies of where the code is running.
Another approach is to facilitate the developer implementing what's required from a license and security perspective. Solving developers' problem spots will increase their productivity and their job satisfaction, benefiting developers and their organizations alike.
Industry News
Port announced $35 million in Series B funding, bringing its total funding to $58M to date.
Parasoft has made another step in strategically integrating AI and ML quality enhancements where development teams need them most, such as using natural language for troubleshooting or checking code in real time.
MuleSoft announced the general availability of full lifecycle AsyncAPI support, enabling organizations to power AI agents with real-time data through seamless integration with event-driven architectures (EDAs).
Numecent announced they have expanded their Microsoft collaboration with the launch of Cloudpager's new integration to App attach in Azure Virtual Desktop.
Progress announced the completion of the acquisition of ShareFile, a business unit of Cloud Software Group, providing a SaaS-native, AI-powered, document-centric collaboration platform, focusing on industry segments including business and professional services, financial services, industrial and healthcare.
Incredibuild announced the acquisition of Garden, a provider of DevOps pipeline acceleration solutions.
The Open Source Security Foundation (OpenSSF) announced an expansion of its free course “Developing Secure Software” (LFD121).
Redgate announced that its core solutions are listed in Amazon Web Services (AWS) Marketplace.
LambdaTest introduced a suite of new features to its AI-powered Test Manager, designed to simplify and enhance the test management experience for software development and QA teams.
StackHawk launched Oversight to provide security teams with a birds-eye view of their API security program.
DataStax announced the enhancement of its GitHub Copilot extension with its AI Platform-as-a-Service (AI PaaS) solution.
Opsera partnered with Databricks to empower software and DevOps engineers to deliver software faster, safer and smarter through AI/ML model deployments and schema rollback capabilities.
GitHub announced the next evolution of its Copilot-powered developer platform.
Crowdbotics released an extension for GitHub Copilot, available now through the GitHub and Azure Marketplaces.