Vendor Forum

October 07, 2019
Malcolm Isaacs
Micro Focus

The concept of infusing security into the mindset and the processes of software delivery is often called "DevSecOps." Since developers, testers, and operations staff are all part of the same DevOps team, they must all take responsibility for their software's security, from design through development, and out into production. Here are some practical steps that teams can take to introduce security into their DevOps pipelines, making them DevSecOps pipelines ...

October 03, 2019
Manish Gupta
ShiftLeft

In the first blog of this series, I discussed what would it take to insert security into DevOps and arrived at the helpful mnemonic SECURIDY to capture the key requirements. As a continuation of that blog, I thought it would be valuable to take some of the popular technologies and measure them against this framework to see which are still well-suited for today's world of DevOps, as well as which fall short and why ...

October 01, 2019
Joey van Ommen
MessageBird

With the speed of innovation ever on the rise, customers expect the latest, greatest features and updates at their fingertips. That means businesses have to ship and deliver more features and products than ever before, faster than before — making it harder for often-overburdened technical teams to keep up with the rapid pace of change as they innovate and execute. With developer resources in high demand, no-code, low-code solutions promise to clear up backlogs and spark innovation by building up a citizen developer workforce ...

September 30, 2019
John Matthew Holt
Waratek

Today, performance bugs and memory bugs are the least of the worries facing the developer community. Instead, a new crisis has surfaced: security bugs. Security bugs are so much more concerning than the other bugs because security bugs will get you "pwned!" ...

September 23, 2019
Balaji Parimi
CloudKnox Security

Cloud infrastructure has seen accelerating levels of automation over the past few years. While the new, unprecedented level of automation delivers benefits like speed and agility, it also introduces enormous risk. The probability of identities misusing privileges (whether intentional or not) has increased greatly for any enterprise planning a cloud migration or already embracing the cloud ...

September 19, 2019
Malcolm Isaacs
Micro Focus

The end of 2019 is almost in sight, which makes this the perfect time to review the financial impact that DevOps has had on your business thus far. Formulating your lessons learned will help you make the best adjustments and get the most out of 2020 ...

September 17, 2019
Ajay Kaul
AgreeYa Solutions

While DevOps has been around for a decade and has proven effective in delivering applications faster and more reliably while saving money, many organizations have not embraced or implemented DevOps methods. In order to effectively implement DevOps throughout an organization, changes are required in its technology culture — beginning at the top ...

September 16, 2019
Eric Sheridan
WhiteHat Security

Step 10 of the Twelve-Factor App highlights DEV/product parity and relates to keeping development, staging and production as similar as possible ...

September 10, 2019
Tim Hollebeek
DigiCert

DevOps will need to revisit security at it prepares to take advantage of all that quantum computing has to offer. Most security experts surmise that quantum crypto algorithms will eventually render RSA cryptography and ECC useless. Because of the security impact, particularly as it relates to the formidable crypto algorithms, my recommendation for DevOps is to prepare now ...

September 09, 2019
Ranny Nachmias
Alcide

So you think your K8s cluster is configured correctly? Well … think again. How do we know? Alcide just completed an analysis of Kubernetes multi-cluster vulnerabilities, and the results are not good ...

September 05, 2019
Joey van Ommen
MessageBird

In today's digital age, enterprises of all sizes, in industries across the board, need scalable, flexible IT systems that enable them to compete, innovate, and experiment at a rapid pace. APIs are reframing the way we do business — unlocking new opportunities to connect businesses with customers in every corner of the world, while delivering the immediate, personalized, omnichannel experience customers want and increasingly demand ...

August 26, 2019
Rod Cope
Perforce

Today's choice of Agile methodologies is far greater than just the original XP (Extreme Programming) and Scrum, both introduced over two decades ago. Plus, there is a raft of hybrid Agile approaches emerging, in response to organizations needing large-scale Agile, to support compliance and coexist with more traditional methodologies ...

August 21, 2019
David Sawatzke
Xoriant

Few things will kill the buzz of a productive DevOps partnership like the tension of looming deadlines that might not be met. How to stay on time and on budget? It helps to have the collaborative approach that is integral to any effective DevOps project. Both the "Dev" people (product developers and others) and the "Ops" people (system engineers and others) will need planning and communication strategies to help them prioritize their speed-to-market goals ...

August 19, 2019
Mark Lambert
Applitools

Most software isn't fully tested, and the decision of what to test is essentially based on developers' best guesses about what is critical functionality. During a SCRUM sprint, or an iteration in other processes, it's difficult to determine what to test, because, of course, "test everything" isn't an option. Since timelines are short, only parts of the software that were updated by the latest functionality can be tested, but exactly what code is impacted is usually unknown ...

August 15, 2019
Mark Lambert
Applitools

Software testing is still a bottleneck, even after the implementation of modern development processes like Agile, DevOps, and Continuous Integration/Deployment. In some cases, software teams aren't testing nearly enough and have to deal with bugs and security vulnerabilities at the later stages of the development cycle, which creates a false assumption that these new processes can't deliver on their promise. One solution to certain classes of issues is shift right testing, which relies on monitoring the application in a production environment, but it requires a rock solid infrastructure to roll back new changes if a critical defect arises ...

Pages

Subscribe to Vendor Forum