Skip to main content

Posts

Survey Sees DevOps Workflows Evolving in the Age of AI

A global survey of 820 IT decision makers and DevOps practitioners finds that half of respondents (53%) report that developers in the age of artificial intelligence (AI) are now authoring more tests directly. Conducted by Perforce, that shift also appears to be enabling a similar percentage of organizations (55%) to provide quality assurance (QA) teams with more time to focus on analytics. Perforce CTO Anjali Arora said it appears that organizations are investing more time and effort in testing to prevent suboptimal code, otherwise known as AI slop, from being incorporated into software builds. That effort, in fact, also appears to be spurring more adoption of best DevSecOps practices, with 52% of respondents reporting their software development teams are embedding secure coding practices into the continuous integration/continuous delivery (CI/CD) platform. Half (50%) are also embedding security practices in code review, while 49% also extend security practices into runtime or pr...
Post a Comment
Read more
Recent posts

Codenotary Previews AI Platform to Autonomously Detect and Remediate IT Issues

Codenotary is previewing a software-as–a-service (SaaS) platform that enables artificial intelligence (AI) agents it has developed to autonomously detect, prioritize, and fix security, configuration, and performance issues. Company CEO Moshe Bar said the Codenotary Trust platform also enables continuous vulnerability tracking at both the Linux operating system and application level. Once an issue is detected, […] from DevOps.com https://ift.tt/yBg7Krm
Post a Comment
Read more

When AI Gets It Wrong: The Insecure Defaults Lurking in Your Code

The arrival of generative AI in the software development lifecycle (SDLC) is arguably the biggest shift in coding in decades. For development teams, tools like GitHub, Copilot, and other AI assistants act as a massive force multiplier, automating boilerplate, suggesting complex logic, and significantly accelerating time-to-commit. But as organizations rush to equip their teams, a […] from DevOps.com https://ift.tt/12oekf6
Post a Comment
Read more

Chainguard Expands Repository to Add More Secure Open Source Libraries

Learn how Chainguard is strengthening software supply chains by expanding its secure repository of Java, JavaScript, and Python libraries, enabling DevOps teams to access components compliant with SLSA framework standards. from DevOps.com https://ift.tt/qaWQFGg
Post a Comment
Read more

Unlocking Observability by Design With Inferred Schemas

Observability systems generate massive telemetry, but schema drift creates friction. Learn how inferred schemas and OpenTelemetry Weaver restore structure. from DevOps.com https://ift.tt/KFELxpk
Post a Comment
Read more

N. Korean Famous Chollima Hackers Use Malicious npm Packages to Steal Data

A group of more than two dozen malicious npm packages used to steal secrets and credentials from software developers has all the hallmarks – from infrastructure to operations – of Famous Chollima, the North Korean nation-state actor linked to the ongoing high-profile Contagious Interview scam. Threat researchers with Socket and Kieran Miyamoto of the DPRK […] from DevOps.com https://ift.tt/3lQe7pJ
Post a Comment
Read more

Eclipse Foundation Extends Scope and Reach of Open VSX Registry

The Eclipse Foundation launches a new framework for the Open VSX Registry, enhancing security features and transitioning to a hybrid architecture. With support from AI tool provider Cursor, this initiative aims to promote safer software supply chains. from DevOps.com https://ift.tt/AcCkgHy
Post a Comment
Read more