Articles about Development

A new report from software auditing company Engprax finds 53 percent of software engineers have identified suspected wrongdoing at work but many are reluctant to report it due to fear of retaliation from management.

Of those who have spoken up, 75 percent report facing retaliation the last time they reported wrongdoing to their employers.

Continue reading →

You'll often hear CI (continuous integration) and CD (continuous deployment) mentioned in the same breath, often as CI/CD, and indeed both are part of improving the quality, speed and efficiency of software development.

However, Stephen Atwell, principal product manager at Armory, argues that they shouldn't be considered as related functions. We spoke to him to find out why.

Continue reading →

A new survey of over 280 developers and technical decision makers finds two-thirds dealing with major flaws in homegrown authorization efficiency, security, and app performance. As a result, most organizations (83 percent) plan to invest more into policy as code as a solution.

In case you're unfamiliar with the concept, policy-as-code is an approach to policy management in which policies are defined, shared, updated and enforced using code rather than relying on manual processes.

Continue reading →

With so many different platforms and technologies available, navigating the world of cloud computing can be tricky.

In a bid to make things simpler Acorn Labs is announcing public beta availability of its cloud developer platform Acorn, a service that makes it simple for anyone to run software in their own cloud sandbox and easily share their creations.

Continue reading →

While much literature has been written on best practices for systems architecture, the desired outcomes have been as elusive as they have been sought after. The de-facto standard for enterprise systems that exists in reality is often closer to A Big Ball of Mud.

Very rarely is an organization’s technology (the infrastructure, the software or the set of systems powering the organization) planned as the state in which we see it today. All early systems need to scale, and most companies in the growth phase don't have the bandwidth to deal with this graciously.

Continue reading →

It's estimated that enterprise IT accounts for around 1.5 percent of the world's energy usage, making it a major contributor to greenhouse gas emissions.

But a simple switch to using more efficient solutions rather than simply throwing everything into the cloud could make a significant difference. We spoke to Dr. Jim Webber, chief scientist at native graph database leader Neo4j and visiting professor at Newcastle University, to find out more.

Continue reading →

Application Programming Interfaces (APIs), which act as the glue connecting systems and applications together, are now the number one attack target for cyber criminals. Attack methods have changed over recent years, however, prompting the OWASP API Security Project to revise its API Security Top 10 of attack types for 2023.

But do the tactics, techniques and procedures (TTPs) it covers still serve as a blueprint for defense? We spoke to Jason Kent, hacker in residence at Cequence Security, to find out if the top 10 is liable to see defenders take too narrow an approach.

Continue reading →

Today's application security landscape is complex and can lead to teams spending a lot of time hunting down vulnerabilities. Add in the move to cloud-based development and there's an even higher volume of code to deal with

We spoke to Shahar Man, CEO at Backslash Security, to learn more about what AppSec needs to look like in this world and how it ties in with greater use of the cloud.

Continue reading →

In today's increasingly digitally-centered organizations, the development of products, services, and solutions increasingly depends on the implementation of Application Programming Interfaces (APIs).

APIs have become the building blocks of modern business applications and are critical to digital transformation -- so much so that API security has become a boardroom issue.

Continue reading →

This year has seen twice as many software supply chain attacks as 2019-2022 combined and one in eight open source downloads today pose known and avoidable risks.

The latest State of the Software Supply Chain Report from Sonatype, which logged 245,032 malicious packages in 2023, also shows that 96 percent of vulnerabilities are still avoidable.

Continue reading →

Investments in DevOps automation are delivering significant benefits, including a 61 percent improvement in software quality, a 57 percent reduction in deployment failures, and a 55 percent decrease in IT costs.

However, a new survey from Dynatrace shows that just 38 percent of organizations have a clearly defined DevOps automation strategy.

Continue reading →

According to 800 developer (DevOps) and application security (SecOps) leaders surveyed, 97 percent are using GenAI technology today, with 74 percent saying they feel pressured to use it despite identified security risks.

The research from software supply chain management company Sonatype shows 45 percent of SecOps leads have already implemented generative AI into the software development process, compared to only 31 percent for DevOps.

Continue reading →

Most organizations have some level of legacy apps. These can be hard to maintain and inhibit initiatives like data sharing. But the modernization process is challenging due to staffing, tools, training, and other issues.

We spoke to EvolveWare CEO Miten Marfatia to find out how enterprise IT can ease this complex process and ensure they get it right.

Continue reading →

As developers look for ways to improve productivity they're moving away from 'no-code' offerings and have their sights set on serverless platforms to help bolster their 'low-code' solutions.

Serverless platforms take tasks like managing application resilience, performance, security and compliance away from developers, allowing them to focus on functionality and innovation. We spoke to Briana Frank, VP of product at IBM Cloud to find out more about how serverless will unlock the next era of low-code.

Continue reading →

Recent developments in generative AI have led to a good deal of debate around whether jobs are at risk. Since new AI applications like OpenAI Codex and Copilot can write code, developers could be among those under threat.

We spoke to Trisha Gee, lead developer evangelist at Gradle, to find out more about how AI is likely to change the way developers work.

Continue reading →