Deadlines are the dedicated programmer’s enemy, but they are a reality of the web development craft. In pursuing timely project turnovers, programmers must use open-source software to maintain efficiency and meet corporate projections. While OSS is a valuable tool in application building, the integration of open-source code presents security risks or vulnerabilities. Even without…
DevOps
Supply Chain Attacks – Defend Against Dependency Substitution and Typosquatting
If you’ve referenced open-source software in your software development process, you’ve relied on code published to public repositories as “packages”. These packages can be an attack vector when a malicious actor uses Dependency Substitution or Typosquatting to create a supply chain attack. Those packages are downloaded and installed by a package manager. Each programming language…
Node.js Versioning
Node.js versioning is an essential skill for developers aiming to rapidly deploy secure web apps. Read about the tools that tame version management.
10 Ways to Make GitHub Safe
Is GitHub Safe? The platform is as safe as a developer makes it. Learn about the cheats, tools, and tactics to keep projects safe throughout development.
6 Dependency Management Tips for Developers
Managing dependencies isn’t easy for developers, especially in large projects with dependencies from many different sources. Staying organized when using dependencies is crucial both for productivity and security reasons, but can be a daunting task. Tips for managing dependencies often emphasize two primary messages: Establish Policies and Encourage Automation.
What is DevSecOps
As DevOps has become more mainstream and the benefits become well known, practitioners have looked at new ways to apply and extend the concepts to expand the benefits of DevOps philosophy to other areas of the business. One such natural extension is DevSecOps. DevSecOps takes the core tenets of DevOps and expands them to include…
Exploring DevSecOps
Intro to DevSecOps: As DevOps has become more mainstream and the benefits become well known, practitioners have looked at new ways to apply and extend the concepts to expand the benefits of DevOps philosophy to other areas of the business. One such natural extension is DevSecOps. DevSecOps takes the core tenets of DevOps and expands…
DevOps is Series: Jez Humble
There are many takes on what DevOps is. There are many different angles from many people. In this series, we will explore a few of the different opinions of key companies and influencers on what DevOps is and what it means to key influencers in the space.
DevOps is: The Agile Admin
The Agile Admin says DevOps is “a new term emerging from the collision of two major related trends. The first was also called “agile infrastructure” or “agile operations”; it sprang from applying Agile and Lean approaches to operations work. The second is a much expanded understanding of the value of collaboration between development and operations…
DevOps Is: Atlassian
Atlassian says DevOps is “a set of practices that works to automate and integrate the processes between software development and IT teams, so they can build, test, and release software faster and more reliably. The term DevOps was formed by combining the words “development” and “operations” and signifies a cultural shift that bridges the gap…