Articles about Development

There is just about no field of technology that is not somehow being enhanced by artificial intelligence. Microsoft has already shown its own love of AI by introducing it to various aspects of Windows and other products, and the latest release from the company is .NET Smart Components.

These are described as "AI-powered UI controls" that Microsoft says can be quickly and easily add to .NET apps. Billed, unsurprisingly, as "genuinely useful", the company says the components remove the need to "spend weeks of dev time redesigning your UX or researching machine learning and prompt engineering".

Continue reading →

While Microsoft is keen on deprecating features and apps, it has also been engaged in injecting new life into legacy apps in recent years -- just look at how Paint has evolved, for instance. The company has also been slowly but surely updating another software stalwart, Notepad.

Having already added a tabbed interface, an auto-save feature and, of course, a dash of AI, Microsoft is a now set to add a spell checking. It does not end there, though. In addition to a highly customizable spell checker, there will also be an autocorrect feature -- and considerations have been made for developers and coders.

Continue reading →

Friction and lack of communication between development and security teams can lead to problems in software development and testing.

How can we bridge the gap between developer and security teams and help them see that they have common goals? We spoke to Scott Gerlach, CSO and co-founder of StackHawk, the company making web application and API security testing part of software delivery, to find out.

Continue reading →

Over the years, security vendors have pushed companies to integrate their tools into the DevOps pipeline with the promise of being able to move faster and be more secure.

However, as businesses have matured their DevSecOps practices the more they have been hit by mountains of reported vulnerabilities and problems that have slowed them down. So, has DevSecOps failed in its promise? We talked to Eitan Worcel, CEO at Mobb, to find out.

Continue reading →

The biggest software development challenge in 2024 will be incorporating AI into the development process, according to a new report.

The Reveal survey of 585 software developers and IT professionals from Infragistics shows 40.7 percent name this as the top challenge followed by high workload (29.6 percent) and increased customer demands (29.2 percent).

Continue reading →

When OpenTelemetry was first released in 2019, there was a good deal of excitement about the prospect of a single standard set of telemetry data for the entire modern software stack.

OpenTelemetry set out to make robust, portable telemetry a built-in feature of cloud-native software, and give developers and platform engineers a common mental model for all the telemetry types.

Continue reading →

A new study reveals that 92 percent of companies surveyed had experienced a breach in the past year due to vulnerabilities of applications developed in-house.

The report from Checkmarx shows that in recent years the responsibility for application security has shifted away from dedicated security teams and is now shared between AppSec managers and developers.

Continue reading →

The percentage of codebases with high-risk open source vulnerabilities -- those that have been actively exploited, have documented proof-of-concept exploits or are classified as remote code execution vulnerabilities -- increased from 48 percent in 2022 to 74 percent in 2023, according to new research.

The Open Source Security and Risk Analysis (OSSRA) report from Synopsys is based on findings from more than 1,000 commercial codebase audits across 17 industries. While codebases containing at least one open source vulnerability remain consistent year-on-year at 84 percent, significantly more codebases contained high-risk vulnerabilities in 2023.

Continue reading →

A new report from Veracode shows that software security debt -- flaws that have gone unfixed for over a year -- is found in 42 percent of applications.

Although the number of high-severity flaws has reduced 70.8 percent of organizations still suffer from security debt. 45.9 percent have critical security debt, that is high-severity flaws that have been unfixed for 12 months or more.

Continue reading →

The overwhelming majority of organizations (91 percent) have experienced a software supply chain incident in the past 12 months, according to a new report.

The study from Data Theorem and the Enterprise Strategy Group surveyed over 350 respondents from private- and public-sector organizations in the US and Canada across cybersecurity professionals, application developers and IT professionals.

Continue reading →

A new report from cloud security company Sysdig reveals that many businesses are indulging in the dangerous practice of putting convenience before preventive security in pursuit of faster application development.

"Attackers are leveraging automation to exploit every point of weakness they can uncover," says Crystal Morin, cybersecurity strategist at Sysdig. "This year's report shows that many companies are chasing faster innovation at the cost of more comprehensive security -- a gamble that poses real business risks."

Continue reading →

A new report from software engineering specialist LinearB looks at the effects of generative AI on code creation and delivery.

Gen AI is predicted to generate one in five lines of code by the end of this year and the study of over 150 tech leaders sets out to understand how organizations can measure the effects of Gen AI on their code.

Continue reading →

Crowdsourced security platform Bugcrowd’s latest Vulnerability Trends Report finds that the hacker community recorded a 30 percent increase in web vulnerability submissions on the platform compared to 2022.

In addition it has recorded an 18 percent increase in API submissions, a 21 percent increase in Android submissions, and a 17 percent increase in iOS submissions.

Continue reading →

In recent years, enterprises have increasingly turned to low-code and no-code platforms in order to streamline their development processes.

With the introduction of AI, this sector is evolving even faster and Wing To, general manager of Intelligent DevOps at Digital.ai, believes this needs organizations to develop a cautious approach. We spoke to him to find out why.

Continue reading →

Organizations are struggling to keep up with vulnerabilities amid software supply chain complexity, with more than 40 percent still in reactive mode according to a new report from Slim.AI.

The 2023 Container Report, based on a survey conducted with Enterprise Strategy Group, shows few organizations know exactly how to address security in the upstream dependencies of the applications and the containers they run in production.

Continue reading →