Articles about Development

API security is a major challenge for IT teams, traditional solutions are often fragmented, leading to the need for multiple products and added complexity and cost.

Israeli cybersecurity startup Wib is launching a holistic API security platform to bring complete visibility and control across the entire API ecosystem from code right through to production.

Continue reading →

Remote work is the new normal for developers, with 83 percent working remotely more than half of the time and 76 percent saying they've maintained or increased their frequency of working remotely in the last year.

This is one of the findings of the latest Jamstack Community Survey, from development platform Netlify, which aims to identify trends happening across the global web developer ecosystem built around Jamstack.

Continue reading →

IBM is unveiling a set of new AI capabilities that aim to reduce some of the top barriers to AI adoption and drive down the cost and time investment it currently takes to build and implement AI applications.

The expansion to its embeddable AI software portfolio sees the release of three new libraries designed to help IBM Ecosystem partners, clients and developers more easily, quickly and cost-effectively build their own AI-powered solutions and bring them to market.

Continue reading →

Attacks on the software supply chain have become more common in recent years. Part of the key to tackling them lies in understanding what components are in your software and where they originate.

This is why the software bill of materials (SBOM) has become a vital tool for organizations seeking to secure their software. We spoke to Alex Rybak, senior director, product management at Revenera to learn more about SBOMs and what advantages they offer.

Continue reading →

Software supply chain security is at the top of a lot of agendas at the moment, more so since the Log4j vulnerability was discovered and since the US Executive Order on cybersecurity.

Google is seeking contributors to a new open source project called GUAC (Graph for Understanding Artifact Composition), which although in its early stages yet is poised to change how the industry understands software supply chains.

Continue reading →

More than half (53 percent) of DevOps professionals in a new study say they will consider multicloud architecture to reduce reliance on a specific cloud provider.

The survey of over 700 development professionals and leaders from Techstrong Research finds that the cloud landscape is changing as buyers increasingly put the developer experience on the same footing as core technical and performance capabilities of cloud infrastructure services.

Continue reading →

A year ago we reported on the demise of Microsoft Silverlight and how OpenSilver offered an alternative for those still wanting to run Silverlight apps.

The OpenSilver developers haven't been idle in the meantime and today sees the launch of version 1.1. This allows 99.99 percent reuse of the Silverlight codebase and also guarantees an almost pixel perfect migration.

Continue reading →

Open source has gained enterprise popularity for its decentralized, collaborative approach to software development. By bringing large groups of developers together, it can boost efficiency, visibility and drive the adoption of new technologies.

However, taking a full open-source approach might not be the best fit for smaller enterprises. Dr. William Bain, founder and CEO of ScaleOut Software, cautions that the costs and legal risks associated with going full open source may be too great for smaller software companies. Instead, he recommends a hybrid open and closed-source model, we talked to him to learn more.

Continue reading →

Every year, thousands of code vulnerabilities are discovered, patched and publicly disclosed to improve security for current and potential users.

But many of these vulnerabilities share common features, so what can developers do to write better code that prevents vulnerabilities from entering their apps and services in the first place? We talked to Johannes Dahse, head of R&D at clean code specialist SonarSource, to find out. 

Continue reading →

According to a new report 81 percent of organizations have experienced a cloud-related security incident over the last 12 months, with almost half (45 percent) suffering at least four incidents.

The findings, from machine identity management specialist Venafi, reveal that the underlying issue for these security incidents is a dramatic increase in security and operational complexity connected with cloud deployments.

Continue reading →

Digital transformation is still seen as a priority by many enterprises, but research for low-code application development platform, Toca, reveals the extent of the challenges faced by IT teams in delivering these projects.

Budget constraints, a lack of collaboration across the wider business, legacy systems, a shortage of developers and integration challenges are seen as the top five barriers to transformation initiatives.

Continue reading →

New data reveals a significant increase in activities to secure open source components and integrate security into developer toolchains in order to protect the software supply chain.

The 13th edition of the Building Security In Maturity Model (BSIMM) report from Synopsys analyzes the software security practices of 130 organizations -- including Adobe, PayPal and Lenovo -- in their efforts to secure more than 145,000 applications built and maintained by nearly 410,000 developers.

Continue reading →

Over three-quarters (76 percent) of respondents in a new survey have suffered an API security incident in the last 12 months, primarily caused by dormant/zombie APIs, authorization vulnerabilities, and web application firewalls.

The research from Noname Security also shows that 74 percent of cybersecurity professionals don’t have a complete API inventory or know which APIs return sensitive data.

Continue reading →

Organizations are losing thousands of hours in time and productivity dealing with a massive backlog of vulnerabilities that they have neither the time or resources to tackle effectively, according to a new report.

The State of Vulnerability Management in DevSecOps report from vulnerability management platform Rezilion and the Ponemon Institute, shows 47 percent of security leaders report that they have a backlog of applications that have been identified as vulnerable.

Continue reading →

Many companies are currently undertaking digital transformation projects, but while customers are quick to embrace the benefits of a customer experience reshaped by technology they have little patience when that technology doesn't work as expected.

To allow teams to define, monitor and manage modern app stacks to ensure they meet service level objectives (SLOs), Sumo Logic is launching a Reliability Management tool.

Continue reading →