Articles about Developer

The switch to remote working and the surge in online shopping during 2020 has seen a greater focus on the experience that software provides.

There have of course been other pressures on developers too, but what can we expect to happen in the next year?

Continue reading →

Among the many things that have changed in 2020 it's proved to be a record year for crowdsourced cybersecurity adoption, according to Bugcrowd.

Enterprises across all industries have been implementing crowdsourced cybersecurity programs to keep up with the evolving threat landscape. Bugcrowd has seen a 50 percent increase in submissions on its platform in the last 12 months, including a 65 percent increase in Priority One (P1) submissions, which refer to the most critical security vulnerabilities.

Continue reading →

There's a battle playing out in the enterprise open source arena right now, but it's one you probably haven't heard about.

It's a clash between pure open source and commercialized open source (or 'open core') versions. While this may be below the radar for anyone not directly involved it has important long-term implications for the industry.

Continue reading →

DevSecOps methodology is an important, rapidly growing trend worldwide, with 63 percent of respondents to a new study reporting they are incorporating some measure of DevSecOps into their software development pipelines.

The survey of 1,500 IT professionals conducted by the Synopsys Cybersecurity Research Center (CyRC) and Censuswide also shows 33 percent have DevSecOps in a mature or widely deployed state in their business.

Continue reading →

The latest FOSS (Free and Open Source Software) contributor survey from the Open Source Security Foundation (OpenSSF) and the Laboratory for Innovation Science at Harvard shows respondents spend on average, just 2.27 percent of their total time on security and express little desire to increase that time.

The survey of almost 1,200 respondents working on FOSS software shows the majority of respondents (74.87 percent) are already employed full-time and more than half (51.65 percent) are specifically paid to develop FOSS.

Continue reading →

A good deal of software development now relies on open source images, but it can be hard for businesses to know if they're introducing security flaws by using them.

Canonical -- the company behind Ubuntu Linux -- is addressing this by publishing the LTS (Long Term Support) Docker Image Portfolio, a curated set of secure container application images, on Docker Hub.

Continue reading →

Launched in June of this year, the MACH Alliance (MACH standing for Microservices based, API-first, Cloud-native SaaS and Headless) is a non-profit group of tech leaders advocating for a new, open and best-of-breed enterprise technology ecosystem.

The Alliance aims to help enterprise organizations navigate the complex modern technology landscape with the belief that competitive advantage doesn't come from owning the stack, but rather from being free to select the best available resources for the moment.

Continue reading →

Many more people are now working remotely and developers are no exception. But how does this shift in working patterns affect their productivity?

We spoke to Manish Gupta, CEO and founder of code analysis specialist ShiftLeft to find out more about the challenges of development in a remote world.

Continue reading →

Virtual appliances are an inexpensive and relatively easy way for software vendors to distribute their wares for customers to deploy in public and private cloud environments, but new research shows appliances often have exploitable and fixable vulnerabilities, or are running on outdated or unsupported operating systems.

The Orca Security research study found 401,571 total vulnerabilities in scanning 2,218 virtual appliance images from 540 software vendors. This means less than eight percent of virtual appliances were free of known vulnerabilities.

Continue reading →

In order to meet short deployment cycles, 73 percent of security professionals and developers feel forced to compromise on security according to a new report.

The study into DevSecOps from open source security and license management specialist WhiteSource, based on responses from over 560 developers in the US and Europe, finds that 20 percent of respondents describe their organizations' DevSecOps practices as 'mature', while 62 percent say they are improving, with only 18 percent being classed as 'immature'.

Continue reading →

Around half of respondents to a new survey say that investment of time and resources into APIs will increase over the next 12 months, while another third think investments into APIs will stay the same, despite a tough economic environment.

The study from development collaboration platform Postman shows over 60 percent of survey respondents rate themselves as five out of 10 or better in terms of embracing an 'API-first' philosophy.

Continue reading →

The highest performing developers put out releases 15 times more often and are 26 times times faster to detect and fix open source vulnerabilities than their low performing counterparts, according to a new study.

The report from Sonatype is based on analysis of over 1.5 trillion open source download requests, 24,000 open source projects, and 5,600 enterprise development teams.

Continue reading →

Businesses experience problems in leveraging information to make data-driven decisions, communicating between teams and management layers, dealing with 'software sprawl', and accurately quantifying the cost of feature delivery delays a new report shows.

The survey by Accelerated Strategies Group (ASG), commissioned by CloudBees, also shows that many organizations have been able to tackle some of the facets of modern software delivery management, but that there’s still much room for improvement.

Continue reading →

PHP 8.0 is due for release in November, but when this major new version appears Windows will not support it.

The company says that bug fixes and security patches will continue to be released for the lifecycles of PHP versions 7.2, 7.3 and 7.4. But when the latest version is released later this year, Microsoft will "not [...] be supporting PHP for Windows in any capacity for version 8.0 and beyond".

Continue reading →

In a new survey of over 165 developers, AppSec and DevOps professionals, application security automation company ShiftLeft finds that 96 percent of developers believe the disconnect between developer and security workflows inhibits developer productivity.

When asked to prioritize, application security professionals rank creating developer-friendly security workflows as their top priority, even higher than protecting applications in production environments.

Continue reading →