Articles about Development

When preparing for modernization, 70 percent of companies are confident or very confident in their understanding of their applications.

However, a new report from EvolveWare shows the high confidence level drops as companies plan their modernization project (41 percent) and begin their project (28 percent), suggesting that organizations only start to understand the level of knowledge needed for these efforts after they are further into their planning or execution.

Continue reading →

With more and more organizations turning to the cloud and cloud-native application development, AppSec teams face a mounting challenge to keep pace with their development counterparts.

To address this, Backslash Security is launching a new solution to provide unified code and cloud-native security by correlating cloud context to code risk, backed by automated threat modeling, code risk prioritization, and simplified remediation across applications and teams.

Continue reading →

As we reported at the end of last year, IBM and AWS have extended their collaboration, making IBM software products available as Software-as-a-Service (SaaS) on the AWS Marketplace.

We spoke to Judah Bernstein, CTO, AWS strategic partnership at IBM, to find out more about how the collaboration works and what it means for customers and Ecosystem partners.

Continue reading →

Complex software today includes components that rely on digital authentication credentials commonly referred to as secrets, which include tools such as login credentials, API tokens, and encryption keys. While critical for the software to function, managing secrets across every component of code is a challenge that can result in secrets being left vulnerable.

Supply chain security company ReversingLabs is launching a new secrets detection feature within its Software Supply Chain Security (SSCS) platform.

Continue reading →

Secrets are not just login credentials and personal data; they securely hold together the components of the modern software supply chain, from code to the cloud. And because of the leverage they provide they are much sought-after by hackers.

However, many breaches that occurred in 2022 show how inadequate the protection of secrets is. Research from automated detection specialist GitGuardian finds that one in 10 code authors exposed a secret in 2022.

Continue reading →

As developers increasingly rely on open source components in their projects, knowing which have been used is a key part of being able to identify updates and potential threats. This is where a software bill of materials (SBOM) is essential.

Application security testing and software research services company GrammaTech is launching a no cost SBOM service, alongside a new version of its CodeSentry software composition analysis (SCA) tool.

Continue reading →

One of the popular buzzwords in development circles in recent years has been 'deployment at scale'. Now, while it's nice to have a universally recognized term, opinions about what deployment at scale actually means tend to vary.

So what exactly does 'at scale' mean in the development community and how can companies define their own approach? We spoke to Adam Frank, VP, product and marketing at Armory.io, to find out.

Continue reading →

The OWASP Foundation (Open Web Application Security Project) and IBM have today announced IBM’s contribution of two open source projects aimed at increasing trust across open hardware and software supply chains.

The two projects are SBOM Utility and License Scanner, which add to CycloneDX, a flagship OWASP project and a leading Bill of Materials (BOM) standard. These promote validation, content analysis and accuracy of software license information included within BOMs.

Continue reading →

PowerToys developers are currently working on a new utility that will make it possible to use the keyboard shortcut Ctrl + Win + V to paste text and strip away formatting.

Users of Microsoft Word -- and, indeed, other word processors -- will be familiar with the ability to copy and paste text either with or without the original formatting being retained. But this is not something that is supported by all apps, hence the need for the PastePlain PowerToys module.

Continue reading →

Recruiting developers with the right skills remains the top challenge for 2023, according to a new survey of over 2,200 software developers and IT professionals carried out by Infragistics' Reveal.

While nearly all developers (88.8 percent) work with a designer or design team, nearly half of a developer's time (43.4 percent) is spent on coding an app, the survey finds. The lack of skilled developers is being solved by turning to low-code/no-code tools in three-quarters (76.8 percent) of organizations.

Continue reading →

A new study, based on the results of more than 1,700 audits of commercial and proprietary codebases involved in merger and acquisition transactions, finds 84 percent contain at least one known open source vulnerability, an increase of almost four percent from last year.

The Open Source Security and Risk Analysis (OSSRA) report, produced by the Synopsys Cybersecurity Research Center (CyRC), shows growing use of open source. In the education technology sector it's grown by 163 percent, with educational courses and instructor/student interactions increasingly pushed online.

Continue reading →

As developers come under increasing pressure to deliver projects quickly, there's a rising level of conflict between development and security teams. And attackers are taking advantage of this conflict in order to target software supply chains.

So, what kind of threats do enterprises face and what can they do to protect themselves? We spoke to Pete Morgan, co-founder and CSO of supply chain security company Phylum to find out.

Continue reading →

When it comes to software development, quality testing is among the first items on the chopping block during budget cuts. It is often viewed as a cost center, and nothing more than a box to tick on the road to getting software out the door.

Chief quality architect Mush Honda of quality management platform Katalon, sees it differently. We spoke to him to find out why he thinks quality testing is an essential catalyst for company growth by helping companies retain customers, who can easily switch to competitors at the first sign of online hiccups.

Continue reading →

A new report from provider of Java web application platforms, Vaadin, looks at how enterprises build, deploy, and modernize Java applications in 2023 and also reveals trends and future plans for the use of Java in enterprise applications.

Java is used heavily for both internal (64 percent) and customer-facing (62 percent) applications, which include both SaaS and internet-based services. However, Almost half of Java applications still need modernization.

Continue reading →

Today Canonical has announced the general availability of real-time Ubuntu 22.04 LTS. This enterprise-grade offering is aimed at the industrial, telecom, automotive, aerospace and defense sectors, as well as public sector and retail.

Real-time Ubuntu allows organizations to run their most demanding workloads and develop a wide range of time-sensitive applications on the open-source operating system.

Continue reading →