Articles about Development

As we reported a few weeks ago, OpenSSF in conjunction with the White House and others has launched a 10-point plan and funding with the aim of improving the security of the software supply chain.

OpenSSF has also announced a number of new members including premier members, Atlassian and Sonatype, who will join the OpenSSF governing board.

Continue reading →

It's an increasingly rare application these days that doesn’t claim to incorporate some form of artificial intelligence or machine learning capability.

But while this may be great from a marketing standpoint it does pose a challenge for developers. We spoke to Luis Ceze, CEO and co-founder of OctoML, to find out more.

Continue reading →

A new global study of 1,000 CIOs finds that 82 percent say their organizations are vulnerable to cyberattacks targeting software supply chains.

The research from machine identity specialist Venafi suggests the shift to cloud native development, along with the increased speed brought about by the adoption of DevOps processes, has made the challenges connected with securing software supply chains infinitely more complex.

Continue reading →

A new report from web application protection specialist Source Defense highlights the risk presented by the use of third and fourth party code on corporate websites.

The digital supply chain means that highly dynamic and unpredictable scripts and code from third parties and beyond, permeate every aspect of a business's web presence. This shadow code has led to some high profile breaches including the British Airways hack in 2018.

Continue reading →

Edge messaging infrastructure is critical to the data delivery that powers the experiences consumers expect, such as live chat, order delivery tracking, and document collaboration.

But a new report from edge messaging platform Ably reveals that 65 percent of organizations experienced an outage or significant downtime in the last 12-18 months with the edge messaging infrastructure they had built in-house.

Continue reading →

As the number of breaches shows no sign of reducing, cybersecurity and development professionals are feeling the pressure to maintain their organizations’ security postures.

New research from Invicti Security finds DevSecOps professionals spend more than four hours each workday addressing security issues that never should have happened in the first place.

Continue reading →

White House officials, The Linux Foundation, OpenSSF and 37 private sector tech companies have announced a 10-point open source and software supply chain mobilization plan and $150 million of funding over two years.

At a summit meeting yesterday several participating organizations came together to collectively pledge an initial tranche of funding towards implementation of the plan. Those companies are Amazon, Ericsson, Google, Intel, Microsoft, and VMWare, pledging over $30M.

Continue reading →

Open source software provides much of the backbone of our digital society. Yet many of the developers and maintainers working on some of the most critical projects embedded across networks and products remain unpaid or underpaid.

To help address this, Backend-as-a-Service (BaaS) platform Appwrite is launching a new Open Source Software Fund (OSS Fund), which will award $50,000 in its first year to open source maintainers whose projects provide the very foundation for today's digital infrastructure but who aren't being compensated as such.

Continue reading →

More and more workloads are being shifted to the cloud and a new report from Tigera shows that 75 percent of companies are focusing development on cloud-native applications.

But this increased development and deployment of cloud-native applications also creates the need for more advanced observability and security capabilities.

Continue reading →

Supported by IBM, The Linux Foundation and the UNHCHR, the 2022 Call for Code Global Challenge wants to bring together developers and problem solvers to use open innovation to help accelerate sustainability and combat climate change.

Now in its fifth year, Call for Code has galvanized a community of more than a half million developers, students, and problem solvers from 180 nations to design cutting-edge open source-powered hybrid cloud and AI solutions that can tackle some of the world's most pressing issues.

Continue reading →

While 72 percent of respondents to a new survey expect that the majority of their apps will be created using cloud-native development by 2023, only 47 percent of them say they know a lot about it.

The survey of over 500 IT leaders and developers across industries, carried out for low-code development specialist OutSystems, shows that selecting the right tools/platforms (52 percent), and architectural complexity (51 percent) are the top two challenges, even for those currently using cloud-native.

Continue reading →

Whether it's down to the Great Resignation or a lack of the correct skills, security and development teams are struggling to find and retain enough skilled staff.

A new study released today by cybersecurity company Cobalt finds that 45 percent of security respondents say their department is currently experiencing a shortage of employees.

Continue reading →

The public sector has the highest proportion of security flaws in its applications along with some of the lowest and slowest fix rates compared to other industry sectors.

A new report from application security testing company Veracode finds 82 percent of public sector applications have security flaws and that 60 percent of flaws in third-party libraries in the public sector remain unfixed after two years.

Continue reading →

Businesses are investing more in site reliability engineering but are being held back by outdated and manual processes, according to a new report.

A study of 450 site reliability engineers carried out by software intelligence company Dynatrace finds 88 percent say there is now more understanding of the strategic importance of their role than there was three years ago.

Continue reading →

Generating, managing and accessing secrets within development workflows can be a complex process and lead to the inadvertent introduction of risks.

Security and privacy specialist 1Password is launching a new set of developer tools that aim to simplify complex processes and improve security practices to ensure data is protected, without slowing down the development pipeline. This will also provide developers with secure access to the secrets they need wherever they are.

Continue reading →