Tag: SCA
The IT-DevOps Life Cycle is Like a Pyramid That Keeps Growing
For the most part, the demand for new technology to solve age-old problems has been a net increase in workload ...
It’s Funny How We Forgot About Container Sprawl
Don MacVittie explains how DevOps technology and tools have saved developers from the horrors of container sprawl ...
ForAllSecure Streamlines Application Security Testing
ForAllSecure provided early access to dynamic SBOM generation and SCA validation capabilities within its Mayhem Security automated code and API testing tool ...
Technical Debt: Don’t Buy Buzzwords
Buying into the 'next big new shiny thing' only increases your technical debt. Don MacVittie advises only buying what's necessary ...
Low-Hanging Fruit, 2023 Edition: Part Two
Last time, we discussed setting up a comparative inventory system for your growing API footprint. The idea is that as security catches up to new technology deployments, enterprises will have to step ...
The Security Pipeline
Over the last few years, the ability to secure our applications has grown, and deep integration into the DevOps toolchain has, too. There are more tools doing more security checks protecting more ...
Software Supply Chain Risk Management: A 2023 Guide
Software supply chain risk management (SSCRM) refers to the process of identifying, assessing and mitigating risks associated with third-party software components and services that are integrated into software products. SSCRM involves understanding ...
Addressing Software Supply Chain Security
It’s essential for organizations to learn more about the software supply chains they rely on and the steps needed to secure them. In just the past few years, we have seen a ...
Modern DevOps is a Chance to Make Security Part of the Process
I’ve mentioned before, and many of you have lived through, the slowly changing beliefs around DevOps versus security. We are past the days of “Security slows us down” and into “How can ...
ReversingLabs Adds Ability to Detect Secrets in Application Binaries
ReversingLabs today announced it added an ability to detect secrets exposed in application binaries to its Software Supply Chain Security (SSCS) platform. Tomislav Peričin, chief software architect for ReversingLabs, said this addition ...
The Scariest Things About SCA
It is a time of ghouls, mischievous spirits and David S. Pumpkins. In the spirit of Halloween, here are the top five scariest limitations of software composition analysis (SCA) tools that are ...
SCA, SBOMs and Floodgates
Two criteria are used to determine the pervasiveness of a new idea: availability of an easy-to-understand solution and customer need. Given both of these items, what might be a market-differentiating feature available in ...