Articles about Development

Whether it's down to the Great Resignation or a lack of the correct skills, security and development teams are struggling to find and retain enough skilled staff.

A new study released today by cybersecurity company Cobalt finds that 45 percent of security respondents say their department is currently experiencing a shortage of employees.

Continue reading →

The public sector has the highest proportion of security flaws in its applications along with some of the lowest and slowest fix rates compared to other industry sectors.

A new report from application security testing company Veracode finds 82 percent of public sector applications have security flaws and that 60 percent of flaws in third-party libraries in the public sector remain unfixed after two years.

Continue reading →

Businesses are investing more in site reliability engineering but are being held back by outdated and manual processes, according to a new report.

A study of 450 site reliability engineers carried out by software intelligence company Dynatrace finds 88 percent say there is now more understanding of the strategic importance of their role than there was three years ago.

Continue reading →

Generating, managing and accessing secrets within development workflows can be a complex process and lead to the inadvertent introduction of risks.

Security and privacy specialist 1Password is launching a new set of developer tools that aim to simplify complex processes and improve security practices to ensure data is protected, without slowing down the development pipeline. This will also provide developers with secure access to the secrets they need wherever they are.

Continue reading →

Creating apps and automating processes without having to write code has a number of benefits that have become even more attractive during the pandemic. So it's no surprise that Gartner estimates 65 percent of all application development by 2024 will be using low-code or no-code tools.

Of course in the modern world anything important -- and quite a few things that aren't -- needs to have a day. So, in order to raise awareness of the benefits of no-code, today has been declared National No-Code Day -- an initiative started by no-code and AI programming platform Zapier.

Continue reading →

Open source software is usually selected for reasons like flexibility, access to development resources and cost. But the latest State of Enterprise Open Source report from Red Hat shows that 82 percent of decision makers are more likely to choose a vendor that contributes to the open source community.

Top reasons given for preferring these vendors are that they're familiar with open source processes and help sustain healthy communities -- both cited by 49 percent of respondents -- that they can influence the development of features (48 percent) and that they are likely to be more effective in the face of technical challenges (46 percent).

Continue reading →

There has been a lot of buzz surrounding the adoption of artificial intelligence. According to a recent report from McKinsey 57 percent of companies are now using AI in at least one function. But how much is hype and how much is built on a sound commercial base?

We spoke to Mike Loukides, VP of emerging tech content at O'Reilly Media and author of O'Reilly Media's widely-cited AI Adoption in the Enterprise report, to discuss the current state of AI and what lies ahead.

Continue reading →

Malicious API traffic has increased 681 percent in the last year, set against a 321 percent increase in overall API traffic.

A new report from API security specialist Salt Security shows 95 percent of surveyed organizations have experienced an API security incident in the past 12 months.

Continue reading →

A new report based on data from more than 100 open source audit projects conducted in 2021 finds that companies are only aware of 17 percent of the open source components they use, an increase of just four percent in the past year.

The 2022 State of the Software Supply Chain Report from Revenera also shows that risks are increasing.

Continue reading →

We increasingly rely on APIs to deliver the smooth sharing of information between applications. But their very functionality and ease of use is also a gift to attackers.

A recent report from Cequence Security shows that 80 percent, or 1.8 billion, blocked attacks between June and December 2021 were found to be API-based. At the same time APIs exposing sensitive data like payment (PCI) or personally identifiable information (PII) have increased by 87 percent.

Continue reading →

DevOps has become the mainstream development culture in recent years, but like other areas of the tech world it continues to evolve.

Add in changes brought about by the pandemic, the Great Resignation, automation and more, and it's clear that the evolution is set to continue. We spoke to Shanea Leven, CEO of CodeSee to find out what changes have already taken place and what the future might hold.

Continue reading →

Most applications are now security scanned around three times a week, compared to just two or three times a year a decade ago.

A new report from Veracode also shows developers now testing more than 17 new applications per quarter -- more than triple the number of apps scanned over the same period a decade ago.

Continue reading →

Developers have a lot to think about in 2022. Security tops the list and, increasingly, developers in the cloud and using Kubernetes need to think about cost too.

We talked to Rob Faraj, co-founder of monitoring tool Kubecost, to find out cultural shifts that organizations and developers need to make to overcome challenges created by the increase in adoption of Kubernetes.

Continue reading →

New research from the Linux Foundation looks at the extent of organizational software bill of materials (SBOM) readiness and adoption tied to cybersecurity efforts.

An SBOM is formal and machine-readable metadata that uniquely identifies a software component and its contents, and it may also include copyright and license data.

Continue reading →

As the internet is increasingly accessed from mobile devices, mobile apps need to be considered as part of a company's security strategy.

A new report from BitSight finds that three out of four mobile applications evaluated contained at least one moderate vulnerability. It also finds material and severe vulnerabilities in some popular apps.

Continue reading →