GitHub’s Nico Waisman: ‘Security is not just an opportunity, but a responsibility for us’

Source:-portswigger.net The GitHub Security Lab was set up by the software development platform in November 2019. Headed up by Nico Waisman, the lab’s mission, first and foremost, is to improve security in open source projects. With GitHub claiming that more than 90% of enterprise software now uses at least some open source elements, the need to improve the security of the OSS ecosystem is more important than ever. And, as Waisman points out, there is an imbalance between software developers

Read more

GitHub to replace “master” with alternative term to avoid slavery references

Source:-zdnet.com GitHub getting on board legitimizes movement aimed at removing racially-charged language from software. GitHub is working on replacing the term “master” on its service with a neutral term like “main” to avoid any unnecessary references to slavery, its CEO said on Friday. The code-hosting portal is just the latest in a long line of tech companies and open source projects that have expressed support for removing terms that may be offensive to developers in the black community. This includes

Read more

The DevOps Imperative: Keep Up Or Get Lost

Source:-forbes.com When I started in the software industry more than 30 years ago, we were still writing code in low-level programming languages and handing projects off to other teams without even knowing if they worked. The process was time-consuming and prone to errors — a lot like moving at the speed of a horse and cart compared to a car. We were doing well if we released major updates every 12-18 months. That now sounds like the Dark Ages. Today,

Read more

Investing $3,000 in These 3 Cloud Computing Stocks Makes Sense

Source:-fool.com A lot of cloud-based platform providers are sky-high these days, but these three stocks have what it takes to keep reaching for the clouds. One of the better performing sectors since the growth stocks bottomed out in mid-March is cloud computing. If you want a little more tech stock exposure in your portfolio, putting some new money to work in the next wave of market darlings could be a smart call. If you have $3,000 to invest, taking positions

Read more

Survey: Teams supported by mature DevOps practices more likely to integrate automated security

Source:-techrepublic.com Adding security into DevOps hasn’t been as easy as automating all the things. Sonatype’s survey shows the state of the industry—and what you might want to work on next. Teams are deploying software from DevOps teams at an accelerated rate, according to Sonatype, providers of the Nexus platform for application security, which recently released the 2020 DevSecOps Community Survey. The survey also showed that teams with mature DevOps support were happier in their jobs. SEE: Cybersecurity: Let’s get tactical

Read more

Observability: Solving The Hidden Cost of Kubernetes Applications

Source: containerjournal.com Kubernetes, in many ways, has allowed software organizations to realize the benefits of microservices by providing a convenient and powerful abstraction for deploying, scaling and running distributed software systems. Those benefits, however, have come at a cost for traditional software operations. Indeed, as microservices have grown in complexity and scale, teams have often struggled to adapt to the hidden costs that these powerful new technologies have uncovered—spiraling monitoring costs, misunderstanding or not understanding service dependencies, the creation of

Read more

GitHub Makes Private Repositories Free for Unlimited Users

Source:-devops.com GitHub this week announced is making available private repositories for an unlimited number of collaborators available to all GitHub accounts for free. Kelly Stirman, vice president of product strategy and marketing, said that subsidiary of Microsoft could make this move because it is now generating enough revenue from the enterprise edition of its platform to sustain its business model. Previously, organizations that wanted to use GitHub for private development needed to subscribe to a paid plan. DevOps teams that

Read more

New Tool for Kubernetes Shifts Security Left

Source:-adtmag.com Alcide, an Israel-based provider of Kubernetes security solutions, today released a new command-line tool designed to allow developers, DevOps pros and Kubernetes app builders to scan their Kubernetes configuration and deployment files as part of their app development process, and to deploy it into their continuous integration (CI) pipelines. Called sKan, the tool is free, open source and available now from the company Web site. Effectively, the new tool provides “a software translation of DevSecOps culture” and shifts security

Read more

Docker open sources Compose Spec, aims for added Kubernetes flavour

Source:-devclass.com Docker has handed its Compose Spec to the open source world and is looking for maintainers for the project to help it expand its Kubernetes footprint. As the project’s GitHub page puts it, “The Compose specification establishes a standard for the definition of multi-container platform-agnostic applications.” In a blog post this week, Docker senior product manager Ben De St Paer-Gotch said, “This new community will be run with open governance with input from all interested parties allowing us together

Read more

How Enterprises Can Overcome Barriers to DevOps

Source:-eweek.com eWEEK DATA POINTS: The CEO of Coralogix explores barriers to DevOps and proposes potential solutions that enable deeper cooperation to ultimately deliver higher quality products at a faster pace. Data Point No. 1: Resistance to the unknown Humans are creatures of habit. We also need proof that new ways of doing things will benefit us and the way we work. One way to onboard skeptical employees to a DevOps culture is by creating a DevOps champion or champion team

Read more
1 2 3 6