Dependency Checking Your Ruby Application Checking your application’s dependencies for known vulnerabilities is a critical, relatively low effort step you should take to secure your application, which you may have read about in another recent article: What is SCA? Compared to the wealth of tools used for dependency checking in, for example JavaScript, there’s not […]
Executive Vice President Mike Sowers and Senior Training Manager Stephanie Fender discuss how to implement a culture of continuous learning through learning journeys in our next Coveros Conversation.
With limited budgets, the need for customization, and the desire for user support, it’s no surprise open source software is becoming increasingly popular, especially in the DevOps arena.
Application security, or AppSec, is hard. For development teams, it often comes into development late in a release cycle and demands changes to the software that seem unreasonable. For the AppSec team, being introduced to a project after the application has been designed and much of the code has been written means there will be […]
One of the key conversations organizations and teams forget about in their transition to agile and DevOps is updating their measurement and metrics plan. Many companies are still using measurements and metrics from the traditional waterfall software development lifecycle. While some of these remain useful, many may not provide value to the team or organization—and […]
Time spent at a conference is precious, so you should make sure there is a return on that investment. What better way to do so than to leverage agile ideas? Here are a few tips based on the principles behind the Agile Manifesto for getting the most out of attending a conference. Embrace change Like […]
I’m often asked about the future of the testing role. Should I change my career direction? What’s in store for testing roles? Will there be a need for quality and testing expertise in the future? As a quality engineer, or tester, or testing leader, where do I go from here? No one has a crystal […]
The 2019 Accelerate State of DevOps report was recently released. This annual research compilation is a great resource to see what’s going on in the world of agile and DevOps. The report evaluates organizations against five key metrics, collectively called software delivery and operational performance metrics: Lead time for changes: How long does it take for a […]
We like to take a look at our top blogs each year and see what everyone is interested in so we can create interesting content for the new year.
Background A client recently wanted to move several DevOps and scanning tools into the cloud, to which they were in the process of proving out and transitioning. We had a number of security scanning and static analysis tools, along with corresponding dashboards and a continuous integration server to orchestrate them. All of these tools were […]
