SDLC

Tabnine Introduces Real-Time Switchable Models for Tabnine Chat, Putting Control Back in Hands of Engineering Teams

Retrieved on: 
Tuesday, April 2, 2024
Documentation, AI, LLM, SDLC, Catalog, Privacy, TEL, Engineering, Ides, Online shopping

Engineering teams can now select from a catalog of models to use the one best suited to their situation, and can switch between them at-will.

Key Points: 
  • Engineering teams can now select from a catalog of models to use the one best suited to their situation, and can switch between them at-will.
  • Historically, engineering teams had to choose both the AI coding assistant and its underlying models.
  • “Engineering teams should have the freedom to choose the most suitable model for their use case without the need for multiple AI assistants or vendor switches.
  • Furthermore, with ongoing support for popular integrated development environments (IDEs) and integrations with common development tools, Tabnine ensures compatibility within existing engineering ecosystems.

Perforce's 2024 State of Automotive Software Development Report Reveals Embedded Security Is a Rising Concern as Market Transitions to Electric Vehicles

Retrieved on: 
Tuesday, April 9, 2024
Eclipse, Perforce, Interest, Growth, Original equipment manufacturer, Electricity, Partnership, Software, Organization, SDLC, Safety, Workforce, Eclipse Foundation, SAST, Medical device

MINNEAPOLIS, April 9, 2024 /PRNewswire/ -- Perforce Software, a provider of solutions for enterprise teams requiring productivity and visibility at scale within the SDLC, released the results of its annual State of Automotive Software Development survey conducted in partnership with Automotive IQ and the Eclipse Foundation. Nearly 600 automotive development professionals across the globe provided responses to current practices and emerging trends within the industry. The 2024 survey was expanded geographically to include more respondents from the Asia-Pacific region, providing a more accurate view of the current state of automotive development worldwide.

Key Points: 
  • The 2024 survey was expanded geographically to include more respondents from the Asia-Pacific region, providing a more accurate view of the current state of automotive development worldwide.
  • The survey found that automotive developers' top three leading development concerns are quality (29%), security (25%), and safety (21%).
  • With electric and connected vehicle segments becoming more established in today's market, software is even more central to automotive development.
  • Interested parties can download the full 2024 State of Automotive Software Development Report by visiting: https://www.perforce.com/resources/sca/2024-state-automotive-software-de... .

appCD Expands Infrastructure from Code with Azure Kubernetes Service (AKS) Support

Retrieved on: 
Tuesday, April 9, 2024
CPO, Infrastructure as code, SAN, Structural load, SDLC, AKS, DevOps, Video game

SAN FRANCISCO, April 9, 2024 /PRNewswire/ -- appCD today announced its generative infrastructure from code solution now supports Azure Kubernetes Service (AKS).

Key Points: 
  • SAN FRANCISCO, April 9, 2024 /PRNewswire/ -- appCD today announced its generative infrastructure from code solution now supports Azure Kubernetes Service (AKS).
  • Platform teams can set golden standards at the infrastructure layer to enable developers to easily create infrastructure as code (IaC) from application code without annotation or extensive configuration required.
  • "Support for Azure AKS reflects our deep commitment to removing the burden of IaC so that users can securely deploy applications to any cloud without delay."
  • appCD automatically generates Infrastructure from Code (IfC) using application code allowing developers and platform teams to analyze, visualize, and generate open source IaC with golden standards automatically applied.

Foundational Secures $8M to Bring AI Agents into Data Engineering

Retrieved on: 
Monday, March 25, 2024
Data Management, Other Technology, Technology, Artificial Intelligence, Software, Singular, Gradient, Wiz, Organization, Viola Ventures, General partnership, Meta, AI, SDLC, Intelligence, Multimedia, Fear, Cryptocurrency

Foundational , a solution using advanced analysis to identify and prevent data issues in data platforms, today announces its general availability with $8 million in seed funding.

Key Points: 
  • Foundational , a solution using advanced analysis to identify and prevent data issues in data platforms, today announces its general availability with $8 million in seed funding.
  • View the full release here: https://www.businesswire.com/news/home/20240325257775/en/
    Data engineering code analysis performed by Foundational (Graphic: Business Wire)
    Data adoption has dramatically grown along with many cloud technologies for handling data at scale, yet data teams still heavily struggle with key problems around governance and quality, trailing behind software engineering.
  • “The inability to validate simple code changes, and the lack of visibility and controls, and the time-consuming nature of data engineering create a dramatic bottleneck on innovation and adoption of data and AI.
  • Software engineering has been able to scale tremendously through the use of code analysis, CI/CD and SDLC, and Foundational is now introducing these to data.

BlueFlag Security Emerges from Stealth with $11.5M Seed Funding to Address Critical Gaps in SDLC Security

Retrieved on: 
Thursday, March 21, 2024
Technology, Mobile, Wireless, Online Privacy, Retail, Web3, Supply Chain Management, Artificial Intelligence, Transport, Other Technology, Software, Networks, Data Management, Security, Logistics, Organization, Conference, Risk management, Environment, Philosophy, Intelligence, Risk, Identity, SVP, Trust, SDLC, Heart, RSA Conference

BlueFlag Security today announced a $11.5 million seed funding round to redefine software development lifecycle (SDLC) security.

Key Points: 
  • BlueFlag Security today announced a $11.5 million seed funding round to redefine software development lifecycle (SDLC) security.
  • BlueFlag Security is changing this narrative by addressing the importance of identity security while providing a unified risk perspective across the SDLC to prevent software supply chain attacks.
  • Founded by Raj Mallempati and Ken Schneider , BlueFlag Security offers a multi-layered defense platform that integrates identity security with open-source software risk management and developer tool posture management.
  • The BlueFlag platform doesn’t just add another layer of protection; it introduces a fundamentally different philosophy that places identity security at the heart of SDLC security and governance,” said Mallempati, CEO of BlueFlag Security.

JFrog Software Supply Chain Report Shows Most Critical Vulnerabilities Scores Are Misleading

Retrieved on: 
Tuesday, March 19, 2024
Software, Supply Chain Management, Networks, Professional Services, Business, Data Management, Apps, Applications, Technology, Artificial Intelligence, Security, Data Analytics, Retail, Other Technology, Docker, Inc., Union, Organization, High, Denial-of-service attack, SLDC, Entrepreneurship, OSS, Research, News, RCE, SDLC, Multimedia, CVSS, Movement, CVE, Critical

(KubeCon + CloudNativeCon Europe) — JFrog Ltd. (“JFrog”) (NASDAQ: FROG), the Liquid Software company and creators of the JFrog Software Supply Chain Platform , today released the findings of its annual Software Supply Chain State of the Union report 2024 , which identifies emerging development trends, risks and best practices for securing enterprise software supply chains.

Key Points: 
  • (KubeCon + CloudNativeCon Europe) — JFrog Ltd. (“JFrog”) (NASDAQ: FROG), the Liquid Software company and creators of the JFrog Software Supply Chain Platform , today released the findings of its annual Software Supply Chain State of the Union report 2024 , which identifies emerging development trends, risks and best practices for securing enterprise software supply chains.
  • View the full release here: https://www.businesswire.com/news/home/20240319775900/en/
    JFrog Software Supply Chain State of the Union Report 2024 (Graphic: JFrog)
    “DevSecOps teams worldwide are navigating a volatile field of software security, where innovation frequently meets demand in an age of rapid AI adoption,” said Yoav Landman, CTO and Co-Founder, JFrog.
  • Additionally, JFrog found that 74% of the reported common CVEs with High and Critical CVSS scores on the top 100 Docker Hub community images weren’t exploitable.
  • Share this: @JFrog shares research findings in their annual Software Supply Chain State of the Union 2024 report.

Info-Tech Research Group Outlines an Approach For Successful Agile Transformation in New Industry Blueprint

Retrieved on: 
Wednesday, April 3, 2024
Automation, Culture, Organization, Appetite, Head, Knowledge, Research, Scrum, Research group, SDLC, Behavior, Workforce, Product management, Management

TORONTO, April 3, 2024 /PRNewswire/ - Info-Tech Research Group explains in a new industry resource, Develop Your Agile Approach for a Successful Transformation, that despite an increasing appetite for Agile, the effectiveness of adoption within an organization often falters due to employees' conflicting or inadequate understanding of Agile principles and practices.

Key Points: 
  • TORONTO, April 3, 2024 /PRNewswire/ - Info-Tech Research Group explains in a new industry resource, Develop Your Agile Approach for a Successful Transformation, that despite an increasing appetite for Agile, the effectiveness of adoption within an organization often falters due to employees' conflicting or inadequate understanding of Agile principles and practices.
  • To assist organizations in navigating this challenge, the global IT research and advisory firm's new blueprint offers research insights and guidelines to help IT leaders shorten delivery times and improve software quality through Agile delivery methods.
  • To navigate a successful Agile transformation, Info-Tech recommends that IT leaders fully embrace key principles such as product management and product delivery within their Agile methodology.
  • For exclusive commentary from Alex Ciraco and Hans Eckman, experts in Agile methodology, or to access to the complete Develop Your Agile Approach for a Successful Transformation blueprint, please contact [email protected] .

BreachLock Named Notable Vendor in 7th Gartner® Guidance Framework for Building an Application Security Program

Retrieved on: 
Tuesday, March 26, 2024
Automation, CISA, Organization, Target, Ideation, Risk, Cyberattack, AS3, Acquisition, SDLC, Pocs, API, SRM, Maryland Route 122, SLA, Risk management

NEW YORK, March 26, 2024 /PRNewswire/ -- BreachLock , a global leader in attack surface discovery and penetration testing, has been named a notable vendor in Gartner's latest 2024 Guidance Framework for Building an Application Security Program.

Key Points: 
  • NEW YORK, March 26, 2024 /PRNewswire/ -- BreachLock , a global leader in attack surface discovery and penetration testing, has been named a notable vendor in Gartner's latest 2024 Guidance Framework for Building an Application Security Program.
  • "BreachLock is proud to be included as a notable vendor for application security alongside such security providers as Bishop Fox and Cobalt," commented BreachLock Founder & CEO, Seemant Sehgal.
  • At Breachlock, we agree that application security begins with ensuring our customers understand the extent of their application environment.
  • A Guidance Framework for Building an Application Security Program, Page 3.

Legit Security Launches AI-Powered, Enterprise-Grade Secrets Scanning Product

Retrieved on: 
Tuesday, March 26, 2024
Organization, Risk, PII, AI, Disclosure, IBM, GitHub, SDLC, API, Artifact, GitLab, Bitbucket, Risk management

BOSTON, March 26, 2024 /PRNewswire/ -- Legit Security, the leading platform for enabling companies to manage their application security posture across the complete developer environment, today announced the launch of its standalone enterprise secrets scanning product, which can detect, remediate, and prevent secrets exposure across the software development pipeline. An AI-powered solution that enables secrets discovery beyond source code, Legit's offering is built to meet the needs of even the most complex development organizations.

Key Points: 
  • "Unlike many solutions that are based on open source and other commercial tools, Legit's enterprise secrets scanning goes beyond the source code, and is powered by AI for much better accuracy," said Lior Barak, Chief Product Officer at Legit Security.
  • Key benefits of Legit's enterprise secrets scanning product include:
    Performance and scale: Organizations receive enterprise-grade secrets scanning capabilities suitable for large-scale organizations to scan thousands of developer assets within minutes.
  • With enterprise secrets scanning from Legit, customers can start with secrets scanning and, based on future needs, expand to other use cases, such as vulnerability management, compliance, and software supply chain security.
  • To learn more about how Legit tackles secrets detection across, join a webcast – "Secrets Detection: Why Coverage Throughout the SDLC is Critical to Your Security Posture" – on Thursday, March 28, 2024 at 2:30 pm ET.

Global Software Supply Chain Security Market - Orchestration of SSCS Capabilities for End-to-End Visibility Presents Growth Opportunities

Retrieved on: 
Thursday, March 21, 2024
Organization, Communication, Library, Software, Kubernetes, SDLC, SSCS, DevOps, Workload, LATAM, Video game

DUBLIN, March 21, 2024 /PRNewswire/ -- The "Global Software Supply Chain Security Growth Opportunities" report has been added to ResearchAndMarkets.com's offering.

Key Points: 
  • DUBLIN, March 21, 2024 /PRNewswire/ -- The "Global Software Supply Chain Security Growth Opportunities" report has been added to ResearchAndMarkets.com's offering.
  • As developers juggle between meeting agility and security when developing software, third-party tools, libraries, and open-source software offer opportunities for them to meet their business needs.
  • The surging use of cloud-native technologies and third-party or open-source tools and software will continue, especially in the next 1 to 3 years, adding complexity to the software supply chain and increasing SSCS risks.
  • The traditional application security approach is no longer effective in addressing threats and securing the entire software supply chain, which leaves organizations seeking a comprehensive SSCS approach to gain visibility into every stage of the software development life cycle (SDLC), including third-party and open-source software.