Accessibility is increasingly recognized as an important part of how organizations deliver value  across a number of industries, and rightly so. It goes beyond meeting legal requirements to improve user experience, promote inclusion, and build better services for all. Yet, despite the growing awareness, some organizations still see integrating accessibility into its processes as an isolated effort or something to be 'checked off' near the end of a project, prompted by upcoming regulation, user complaints, or reputational risk.

This reactive approach may satisfy compliance needs in the short-term, but it does little to build lasting, meaningful inclusion. Meaningful progress happens when accessibility is embedded into an organization’s everyday mindset and operations. In short, accessibility must become a fundamental element, not an afterthought. Adding accessibility to everyday practices instead of reserving it for emergencies allows companies to develop better products, rely on stronger teams, and be more resilient.

Continue reading →

New research finds that 32 percent of security professionals think they can deliver zero-vulnerability software despite rising threats and compliance regulations. 68 percent are more realistic, noting they feel uncertain about achieving this near-impossible outcome.

The study from Lineaje, carried out among RSA attendees, also shows that while software bill of material (SBOM) regulations and guidelines continue to increase, organizations vary in their level of adoption.

Continue reading →

According to recent projections from Gartner, by 2028 90 percent of enterprise software engineers will use AI code assistants, up from less than 14 percent in early 2024. But relying on AI in development roles also introduces risks.

Snyk is launching a new AI-native agentic platform specifically built to secure and govern software development in the AI Era.

Continue reading →

As Java marks its 30th anniversary on May 23rd, it's a powerful reminder that few technologies have had the longevity -- or the impact -- of a language first launched in 1995.

Today, Java continues to underpin much of modern software development, from cloud-native systems to enterprise-scale applications.

To mark this milestone, we caught up with Dewan Ahmed, principal developer advocate at Harness. Dewan, whose work focuses on empowering DevOps and engineering teams to deliver reliable, efficient, and secure software. He has seen first-hand just how much Java has changed over the past decade.

Continue reading →

The use of AI in software development can save valuable time completing routine tasks. But what if it could autonomously respond to events, implement changes, and submit code through standard pull requests?

This is what Zencoder is doing with the launch today of Autonomous Zen Agents for CI/CD, bringing groundbreaking AI automation directly into the software development infrastructure.

Continue reading →

Updates to the Starburst data platform for apps and AI are designed to accelerate enterprise AI initiatives and support the transition to a future-ready data architecture built on a data lakehouse.

At the heart of these changes are Starburst AI Workflows, a purpose-built suite of capabilities that speed AI experimentation to production for enterprises. AI Workflows provides a link between vector-native search, metadata-driven context, and robust governance, all on an open data lakehouse architecture.

Continue reading →

The Python programming language has become the foundation of modern AI and machine learning applications. Of course that makes it a prime target for supply chain attacks.

Public registries do minimal vetting of hosted artifacts, and they don't provide assurance that the distributed library matches its source code, exposing enterprises to supply chain attacks. Python libraries are also susceptible to supply chain attacks because many projects include more than just pure Python code -- for example project maintainers often rebundle shared system libraries into their Python libraries to ensure stable behavior.

Continue reading →

With the European Accessibility Act (EAA) due to come into force next month, 84 percent of respondents to a new study say that digital accessibility is a priority for their company.

The EAA aims to make technology products and services easier to use for people with disabilities. The study, from quality and testing specialist Applause, shows 94 percent of organizations are preparing for the EAA by the June 28, 2025 deadline.

Continue reading →

By 2026 it's estimated the IT skills shortage will affect nine out of 10 organizations, an issue that will only be exacerbated by the growing 'silver tsunami' of seasoned professionals retiring from the industry.

This shortage presents a challenge to almost every organization, especially as IT professionals are being asked to usher their company into the digital age and incorporate new technology into existing workflows.

Continue reading →

The latest State of Pentesting report from Pentera reveals that over 50 percent of enterprise CISOs now report using software-based pentesting to support their in-house testing practices.

Based on research conducted by Global Surveyz, the report notes that 50 percent of CISOs now identify software-based testing as a primary method for uncovering exploitable security gaps within their organizations.

Continue reading →

Artificial intelligence has found its way into many areas, not least software development. But using this technology isn't without problems around security, code quality and more.

We talked to Vibor Cipan, senior manager -- developer relations, community and success at AI coding agent Zencoder to find out more about the challenges of AI development and how to address them.

Continue reading →

Although 63 percent of organizations claim their architecture is integrated throughout development (from design to deployment and beyond), a new study shows more than half (56 percent) have documentation that doesn't match the architecture in production.

The research from vFunction shows the impact of this architecture disconnect has potentially resulted in project delays (53 percent), security or compliance challenges (50 percent), scalability limitations (46 percent), and reduced engineering team productivity (28 percent).

Continue reading →

A new study from Backslash Security looks at seven current versions of OpenAI's GPT, Anthropic's Claude and Google's Gemini to test the influence varying prompting techniques have on their ability to produce secure code.

Three tiers of prompting techniques, ranging from 'naive' to 'comprehensive,' were used to generate code for everyday use cases. Code output was measured by its resilience against 10 Common Weakness Enumeration (CWE) use cases. The results show that although secure code output success rises with prompt sophistication all LLMs generally produced insecure code by default.

Continue reading →

Security teams know they need to test their main applications, but they often struggle to identify which other assets to cover. On average, organizations can miss testing nine out of 10 of their complex web apps.

Security testing platform Detectify is announcing the launch of its new Asset Classification and Scan Recommendations capabilities which enable organizations to easily identify and swiftly act on their complex web applications.

Continue reading →

A new report from API and AI security solutions company Wallarm finds that of around 4,700 security issues analyzed in Agentic AI projects, 49 percent were API-related, underscoring the inseparable nature of agent and API security.

The report also finds that over 1,000 issues in Agentic AI repositories remain unaddressed. 22 percent of reported security issues remain open too, with some lingering for 1,200-plus days, highlighting a critical gap between vulnerability discovery and remediation.

Continue reading →