Tag: InfoWorld Security

Modern software applications are underpinned by a large and growing web of APIs, microservices, and cloud services that must be highly available, fault tolerant, and secure. The underlying networking technology must support all of these requirements, of course, but also…

Read more →

The Rust language team has published a point release of Rust to fix a critical vulnerability to the standard library that could benefit an attacker when using Windows. Rust 1.77.2, published on April 9, includes a fix for CVE-2024-24576. Before…

Read more →

Synopsys has introduced Black Duck Supply Chain Edition, a software composition analysis (SCA) package that helps organizations mitigate upstream risk in software supply chains, including from AI code. Announced April 9, Black Duck Supply Chain Edition is intended to address…

Read more →

Synopsys has introduced Black Duck Supply Chain Edition, a software composition analysis (SCA) package that helps organizations mitigate upstream risk in software supply chains, including from AI code. Announced April 9, Black Duck Supply Chain Edition is intended to address…

Read more →

Synopsys has introduced Black Duck Supply Chain Edition, a software composition analysis (SCA) package that helps organizations mitigate upstream risk in software supply chains, including from AI code. Announced April 9, Black Duck Supply Chain Edition is intended to address…

Read more →

Over the past decade, Rust has emerged as a language of choice for people who want to write fast, machine-native software that also has strong guarantees for memory safety. Other languages, like C, may run fast and close to the…

Read more →

2023 has been a breakout year for developers and generative AI. GitHub Copilot graduated from its technical preview stage in June 2022, and OpenAI released ChatGPT in November 2022. Just 18 months later, according to a survey by Sourcegraph, 95%…

Read more →

The benefits of developing software in the cloud include increased flexibility and reliability, greater efficiency, and reduced costs. But cloud-based development also presents a host of challenges. Knowing what to watch out for is the first step to protecting your applications…

Read more →

The key benefits of platform engineering are increased developer productivity, better quality of software, reduced lead time for deployment, and more stable applications, according to Puppet by Perforce’s 2024 State of Devops Report: The Evolution of Platform Engineering. The report…

Read more →

The key benefits of platform engineering are increased developer productivity, better quality of software, reduced lead time for deployment, and more stable applications, according to Puppet by Perforce’s 2024 State of Devops Report: The Evolution of Platform Engineering. The report…

Read more →

The benefits of developing software in the cloud include increased flexibility and reliability, greater efficiency, and reduced costs. But cloud-based development also presents a host of challenges. Knowing what to watch out for is the first step to protecting your applications…

Read more →

Java Development Kit (JDK) 22, released by Oracle March 19 as the latest version of standard Java, offers a number of security enhancements, covering areas ranging from an asymmetric key interface to a new security option for -XshowSettings that allows…

Read more →

GitHub is previewing code scanning autofix, a feature that combines its GitHub Copilot AI assistant with its CodeQL code scanner to provide suggested fixes to discovered vulnerabilities. Code scanning autofix is available in a public beta to GitHub Advanced Security…

Read more →

In JFrog’s just-released Software Supply Chain State of the Union 2024 report, the software supply chain platform provider found extensive use of AI and machine learning tools for security. However, only one in three software developers the company surveyed use…

Read more →

The internet of things (IoT) has transformed the way we interact with the world, connecting a myriad of devices to the internet, from smart thermostats in our homes to industrial sensors in manufacturing plants. A significant portion of these IoT…

Read more →

C++ creator Bjarne Stroustrup has defended the widely used programming language in response to a Biden administration report that calls on developers to use memory-safe languages and avoid using vulnerable ones such as C++ and C. In a March 15…

Read more →

Frank Crane wasn’t talking about open source when he famously said, “You may be deceived if you trust too much, but you will live in torment if you don’t trust enough.” But that’s a great way to summarize today’s gap…

Read more →

The US federal government has released a software attestation form intended to ensure that software producers partnering with the government leverage minimum secure development techniques and tool sets. The form was announced March 11 by the Department of Homeland Security’s…

Read more →