JFrog Trend Micro open source Copado devSecOps OpenSSF

JFrog Acquires Vdoo to Advance DecSecOps

Content By Devops .com JFrog today announced it has agreed to acquire Vdoo for $300 million in cash to gain a set of analytics tools that discover vulnerabilities in application binaries. Vdoo’s scanning tools, infused with machine learning algorithms, will be fully integrated with the...

continuous testing AI

Continuous Testing Practices – Part 3

Content By Devops .com In my prior blog, Continuous Testing – The Quest for Quality at Speed, I described five tenets and some of the practices for continuous testing to help with understanding what continuous testing is. In my consulting work, I find it necessary...

false positive GitLab

Prevent False Positives From Derailing Shift Left

Content By Devops .com Static application security testing (SAST) tools are designed to balance false positives (incorrect warnings) with false negatives (missed vulnerabilities) primarily because deeper analysis requires more time and computing resources. Both of these are in short supply among developers that are tasked...

Software Testing

SAST, DAST, SCA: What’s Best For AppSec Testing?

Content By Devops .com According to the most recent Verizon Data Breach Investigations Report, almost 90% of data breaches are driven by financial gain, up from 71% in last year’s report. Most noteworthy, however, is that cloud platforms are particularly at risk, with web application...

GrammaTech Allies with GitLab to Advance DevSecOps

Content By Devops .com GrammaTech announced today it has partnered with GitLab to integrate its GrammaTech CodeSonar static application security testing (SAST) tools with the GitLab Ultimate DevSecOps platform. Vince Arneja, chief product officer at GrammaTech, said integration with continuous integration/continuous delivery (CI/CD) platforms such...

What is SAST? Overview + SAST Tools

Content By Devops .com Ensuring your software is safeguarded against potential security vulnerabilities and threats is essential in the development process. One of the most beneficial, secure software development practices is to use static application security testing (SAST) and SAST tools. What You Need to...