CircleCI

JANUARY 21, 2021

Optimize your pipelines in 2021 with these CI/CD best practices. It’s 2021, and CI/CD is instrumental for engineering teams in improving their development cycles. At CircleCI, we are committed to helping our customers achieve more optimized pipelines to streamline their delivery to production.

Load Balancer 104

Load Balancer Testing AWS Analysis 104

Tenable

DECEMBER 8, 2022

A recent SANS Institute report finds that DevSecOps teams are improving their tooling, processes and techniques, but their organizations’ increasingly hybrid and multi-cloud IT environments are getting harder to secure. We also provide insights on how Tenable can help. Five insights to bolster your DevSecOps strategy.

Survey 98

Survey Cloud Software Review Serverless 98

Prisma Clud

NOVEMBER 8, 2022

Because of its ability to orchestrate and automate application deployment, scaling, and management, Kubernetes has become the de-facto deployment and orchestration tool for cloud-native applications. We cannot talk about securing container-based applications without talking about DevSecOps. Infrastructure Automation With IaC.

Technical Review 98

Technical Review Technology Software Review Infrastructure 98

Prisma Clud

AUGUST 30, 2023

As we discussed in the previous blog post, Third-Party GitHub Actions: Effects of an Opt-Out Permission Model , the permissive nature of GitHub Actions workflows is prevalent throughout the open-source community and private projects on GitHub. Figure 1: GitHub Actions workflow consumes a secure, pinned version of a third-party action.

Software Review 98

Software Review Systems Review Open Source Resources 98

Xebia

APRIL 5, 2022

There are a few things you should consider before creating a Paved Road in your organisation. Development teams are free to add any code behaviour they want, but the CI/CD pipelines must be the same for all. You can run code compliance checks, unit tests, and even test the Docker images as part of your pipeline.

Compliance 130

Compliance Microservices Continuous Delivery Testing 130

Xebia

FEBRUARY 17, 2023

Introduction Welcome to part two of the Application Security Testing series. Like I mentioned in the previous blog, during this blog series we are going to look at the different types of Application Security Testing and Software Composition Analysis. How does DAST work?

Applications 130

Applications Testing Authentication How To 130

Prisma Clud

NOVEMBER 15, 2022

By transforming cloud resources and their configurations into code, IaC allows us to store, version control and test our infrastructure just like we would our applications in code. With the right approach, it can actually consolidate and streamline your infrastructure and application security efforts.

Software Review 96

Software Review Infrastructure Open Source Cloud 96

Tenable

APRIL 16, 2024

But sometimes we like to give you a peek behind the curtain to share how we protect our own house against cyberattacks – and that’s what this blog is about. Today we’re sharing our experience adopting the supply-chain security framework SLSA, with the hopes that the lessons we learned will be helpful to you. What is SLSA?

Software Review 70

Software Review Software Systems Review Guidelines 70

CircleCI

NOVEMBER 18, 2020

This blog is for teams that have already implemented security best practices and are looking for further information on how to continue to monitor security. If you’re looking for information on how to implement automated security practices read our ebook, Vulnerability Management and DevSecOps with CI/CD.

eBook 72

eBook Open Source AWS DevOps 72

CircleCI

DECEMBER 16, 2022

Continuous integration and delivery (CI/CD) optimizes team development flows by automating build, test, and deployment processes to ensure fast and reliable delivery of high-quality software. Despite these benefits, bringing new technologies into your toolchain sometimes involves a long and frustrating learning process.

Tools 59

Tools Software Review Technical Review Policies 59

Prisma Clud

JULY 13, 2023

With the increasing adoption of CI/CD systems, organizations tend to adopt a common CI/CD architecture. This architecture combines SaaS-based source control management systems — such as GitHub and GitLab — with an internal, self-hosted CI/CD solution like Jenkins.

System 52

System Firewall Authentication Internet 52

CircleCI

JANUARY 24, 2022

Security is a vital part of application development, yet it may be neglected until an attacker takes advantage of a vulnerability in the system. The consequences of a security breach can damage an application’s integrity as well as a company’s reputation and revenue. The goal of the test is to break the web form. Prerequisites.

Software Review 97

Software Review Technical Review Testing Systems Review 97

Openxcell

JANUARY 11, 2022

Whether it’s talking with friends on social media, ordering movie tickets on your phone, or planning a business trip using an airline app. Continuous delivery is a software development approach that accelerates the deployment of new code by automating the process. You can also quickly tweak your workflows to fit specific needs.

Continuous Delivery 98

Continuous Delivery DevOps Weak Development Team Airlines 98

Altexsoft

DECEMBER 31, 2020

This is a guest article by Gabe Nelson from Semaphore CI. There are a lot of things that go into creating a functional Continuous Integration and Delivery pipeline. In order for the automated processes to work properly, a long chain of successful events has to take place. This has to do with how complex a CI/CD pipeline can be.

How To 59

How To Weak Development Team Testing Performance 59

Prisma Clud

APRIL 18, 2024

Security breaches can cost millions. They’re going to want to know how security teams are protecting their infrastructure. Prologue : Intro to Security Theater Security theater. Security theater is essentially the illusion of security. Security theater is essentially the illusion of security.

Compliance 59

Compliance Culture Cloud Strategy 59

Prisma Clud

APRIL 27, 2023

Since the term was first coined in 2017, GitOps has provided a new operating model for developing, delivering, testing, and deploying cloud-native infrastructure. One of the primary tenets of GitOps is that Git is the only interface that developers interact with, leaving the rest of the integration and deployment process to automation.

Cloud 52

Cloud Infrastructure Policies Continuous Integration 52

CircleCI

NOVEMBER 7, 2022

This tutorial covers: Using the Jest framework to set up unit testing for a serverless application. Running the tests locally. Building a pipeline to run tests and deploy the app. It frees you from worrying about how to package and deploy the application to the cloud, so you can focus on your application logic.

Serverless 98

Serverless Testing Applications Lambda 98

CircleCI

JUNE 9, 2021

For the past two and a half years as a Solutions Engineer at CircleCI, I’ve had the distinct pleasure of working with some of CircleCI’s largest customers to help them instill healthy CI/CD practices into their development processes. Orbs also make it easier and faster for developers to get up to speed on projects. Public orbs.

Testing 59

Testing Open Source Scalability Applications 59

Prisma Clud

OCTOBER 26, 2023

3 Security and InfoSec teams are in a race with malicious actors. 3 Security and InfoSec teams are in a race with malicious actors. Dealing with the noise has typically overwhelmed security teams pulling in developers , essentially handing them laundry lists of hundreds or thousands of vulnerabilities, saying "Please fix."

Cloud 69

Cloud Open Source Serverless Analysis 69

Perficient

MARCH 26, 2023

Copado is a powerful tool that makes it easier for Salesforce teams to manage complex branching and merging in Salesforce. Copado is a powerful tool that makes it easier for Salesforce teams to manage complex branching and merging in Salesforce. It offers you a complete solution to organize, monitor, and perform your DevOps processes.

DevOps 69

DevOps Continuous Delivery Testing Change Management 69

Tenable

JANUARY 22, 2024

Learn how to better your cloud security program with these ten security resolutions. From CSPs to CSPMs to EC2s, there’s a litany of acronyms and jargon to contend with, especially in the realm of cloud security. Each acronym and concept represents an important part of the cloud security ecosystem.

Cloud 67

Cloud Strategy Weak Development Team Policies 67

Mobilunity

MAY 18, 2021

In this article, we discuss the specifics of Kubernetes (Kube, K8), its applicability, benefits, and how to hire a highly qualified Kubernetes developer. In this article, we discuss the specifics of Kubernetes (Kube, K8), its applicability, benefits, and how to hire a highly qualified Kubernetes developer. Contact us.

Azure 83

Azure AWS DevOps Recruiting 83

OTS Solutions

JUNE 16, 2023

In this blog, we discuss and understand how digital transformation and app modernization is transforming existing businesses. App modernization can enhance security and compliance for businesses. By modernizing their applications, businesses can incorporate the latest security measures to protect against threats.

Artificial Inteligence 130

Artificial Inteligence How To Technical Review Software Review 130

Flexagon

AUGUST 30, 2022

Code and information security is becoming a bigger consideration as technology keeps evolving. The risk of security vulnerabilities or inadequate authentication controls leading to a data leak exposure, reputational damage, and financial penalties and fines is very real. One major feature included in the upcoming FlexDeploy 6.0

Testing 78

Testing Report Applications Software Development 78

OTS Solutions

JUNE 16, 2023

In this blog, we discuss and understand how digital transformation and app modernization is transforming existing businesses. App modernization helps businesses to update their existing software into more progressive, scalable, and productive software. Let us start by understanding app modernization in brief.

Artificial Inteligence 130

Artificial Inteligence How To Technical Review Software Review 130

Coveros

OCTOBER 1, 2021

A modern DevOps approach can help” Your team has followed industry trends and shifted from a monolithic system to a widely distributed, scalable, and highly available microservices architecture. Instead, you can’t figure out which versions of the services work with each other, even in your test environments.

Microservices 52

Microservices DevOps Weak Development Team Testing 52

Prisma Clud

FEBRUARY 16, 2023

This increase in attacks has caused widespread concern in the security industry. GitHub found that 43% of security professionals feel “somewhat” or “very” unprepared for the future – and that’s a serious issue. To understand why and how to implement DevSecOps, we first need to understand what DevSecOp is and how it differs from DevOps.

Software Review 52

Software Review How To DevOps Education 52

Flexagon

JANUARY 25, 2023

Before we look ahead, let us appreciate how much we have evolved in delivering on our founders’ vision to simplify the complexity of deploying changes to Enterprise Software Platform Technologies. With the release of FlexDeploy 6.0 Installation and upgrades were simplified for existing and new customers to save time and speed adoption.

UI/UX 78

UI/UX Software Review Off-The-Shelf Azure 78

CircleCI

MAY 25, 2021

layout: post date: ‘2021-05-25 18:00’ published: false title: Adding IaC security scans to your CI pipeline with Ideni author: yoni-leitersdorf image: /blog/media/Tutorial-Beginner-C.jpg html_title: dding IaC security scans to your CI pipeline with Ideni | CircleCI description: Learn how to automate your IaC security using CirclCI and Ideni.

AWS 52

AWS Weak Development Team Policies Testing 52

Perficient

DECEMBER 28, 2023

In this blog post, we’ll explore the synergy between HCL Commerce and Spring Boot, unravelling the benefits and reasons why Spring Boot is a valuable addition to the HCL Commerce ecosystem. Why Integrate Spring Boot with HCL Commerce?

Microservices 52

Microservices Scalability B2C Architecture 52

O'Reilly Media - Ideas

APRIL 2, 2024

AI news is infiltrating other sections of Trends (particularly Programming and Security)—but that’s also hardly news. However, the attack raises a lot of troubling questions about security—including the question of how we know software is trustworthy. Can there be restrictions on how the AI is used? Nobody knows.

Artificial Inteligence 74

Artificial Inteligence Trends Open Source Linux 74

Xebia

AUGUST 9, 2023

With the industry moving towards end-to-end ML teams to enable them to implement MLOPs practices, it is paramount to look past the model and view the entire system around your machine learning model. The classic article on Hidden Technical Debt in Machine Learning Systems explains how small the model is compared to the system it operates in.

System Design 130

System Design Systems Review System Machine Learning 130

Cloudera

MARCH 14, 2023

In our previous DataFlow Designer blog post , we introduced you to the new user interface and highlighted its key capabilities. In this blog post we will put these capabilities in context and dive deeper into how the built-in, end-to-end data flow life cycle enables self-service data pipeline development.

Agile 80

Agile Development Data Serverless 80

Perficient

DECEMBER 16, 2022

So, you find yourself in a need of a Sitecore upgrade and don’t know what to start with or how to approach it? This series of blog posts will cover the whole process from zero to hero, or in upgrade terms – from planning to going live. Part 6: Testing and going live. Testing and Going Live. Part 1: Scope Planning.

Testing 64

Testing Disaster Recovery Systems Review Metrics 64

Prisma Clud

JANUARY 24, 2023

How do you secure Kubernetes? Part of the answer is to identify and address security risks within the various components of Kubernetes itself as well as their configurations. But the other part of the key to Kubernetes security—and the one that is easier to overlook—is the DevOps lifecycle.

DevOps 52

DevOps Software Review Systems Review Infrastructure 52

CircleCI

JANUARY 13, 2022

Using CircleCI’s orbs is a great way to share CI/CD configuration across projects. Public orbs work well for wide adoption, but private orbs have been helpful for organizations needing to share common internal configuration in a secure, non-public way. This new access opens up a number of new possibilities for your pipelines.

Organization 52

Organization Software Review Testing Hardware 52

Altexsoft

SEPTEMBER 30, 2022

Microservice architectures are well known for their modern application-building strategy that allows you to reuse and redesign specific areas based on your requirements. This is a guest article by Madhu Kesavan from W2S Solutions. Nowadays, organizations must shift their operations to the digital age; it is no longer an option.

Applications 52

Applications Cloud Software Review Microservices 52