Development, How To and SDLC - Information Technology Zone

How to make your developer organization more efficient

CIO Business Intelligence

SEPTEMBER 1, 2023

Developers are hired for their coding skills, but often spend too much time on information-finding, setup tasks, and manual processes. To combat wasted time and effort, Discover® Financial Services championed a few initiatives to help developers get back to what they do best: developing. The result?

Development

Development How To SDLC Engineering

The DevSecOps Lifecycle: How to Automate Security in Software Development

ForAllSecure

MAY 2, 2023

Historically, security has been bolted on at the end of the development cycle, often resulting in software riddled with vulnerabilities. The DevSecOps lifecycle can be broken down into the following steps, with the development, testing, and deployment stages often happening in a loop as software updates are made and new features are added: 1.

Software Development

Software Development Software Software Development

Is it worth measuring software developer productivity? CIOs weigh in

CIO Business Intelligence

DECEMBER 20, 2023

At the same time, developers are scarce, and the demand for new software is high. This has spurred interest around understanding and measuring developer productivity, says Keith Mann, senior director, analyst, at Gartner. Organizations need to get the most out of the limited number of developers they’ve got,” he says.

Software Development

Software Development Software Software Development

Webinars

Peak Performance: Continuous Testing & Evaluation of LLM-Based Applications

MORE WEBINARS

Cider Security launches application security platform

Venture Beast

MARCH 7, 2022

Cider Security aims to help users gain transparency over the software development life cycle (SDLC) from code development to deployment, while identifying risks in the environment and receiving recommendations on how to improve its overall security posture. Read More.

SDLC

SDLC Security Applications Software Development

Cider Security launches application security platform

Venture Beast

MARCH 8, 2022

Cider Security aims to help users gain transparency over the software development life cycle (SDLC) from code development to deployment, while identifying risks in the environment and receiving recommendations on how to improve its overall security posture. Read More.

SDLC

SDLC Security Applications Software Development

3 Reasons Developers Should Shift Left for API Security

ForAllSecure

DECEMBER 6, 2022

It allows developers to produce better code, catch API issues earlier in the development cycle, and get their work done faster. In order to build API security testing into the development process naturally, use a shift left approach along with an automated API tester, such as Mayhem for API. What Is Shifting Left?

Development

Development Security SDLC Software

Four Phases of Maturing Enterprise Agile Development

Social, Agile and Transformation

FEBRUARY 16, 2010

I cover topics for Technologists from CIOs to Developers - agile development, agile portfolio management, leadership, business intelligence, big data, startups, social networking, SaaS, content management, media, enterprise 2.0 Four Phases of Maturing Enterprise Agile Development. and business transformation. product lines?

Agile

Agile Development Enterprise Enterprise

Creep

A CIO's Voice

OCTOBER 27, 2010

As managers we know the productivity of the resources involved and how to allocate them, sometimes the requirements gathering fails and so does estimating costs and scheduling deliverables. This is often the case with application development. Users do not know how to communicate what they need. How to prevent scope creep?

SDLC

SDLC Project Management Applications Software Development

Your AST Guide for the Disenchanted: Part 4

ForAllSecure

OCTOBER 6, 2020

In today’s post, we’ll focus on how software composition analysis can help you address those known vulnerabilities. Developing applications works the same way. But, how do you test code that’s not yours? SDLC Phase. Continuous Testing at the Speed of Development. You are what you eat.

SDLC

SDLC Analysis Open Source Applications

Your AST Guide for the Disenchanted: Part 4

ForAllSecure

OCTOBER 6, 2020

In today’s post, we’ll focus on how software composition analysis can help you address those known vulnerabilities. Developing applications works the same way. But, how do you test code that’s not yours? SDLC Phase. You are what you eat. Software is eating the world. Free is rarely really free.

SDLC

SDLC Analysis Open Source Applications

Your AST Guide for the Disenchanted: Part 4

ForAllSecure

SEPTEMBER 25, 2020

In today’s post, we’ll focus on how software composition analysis can help you address those known vulnerabilities. Developing applications works the same way. But, how do you test code that’s not yours? SDLC Phase. You are what you eat. Software is eating the world. Free is rarely really free.

SDLC

SDLC Analysis Open Source Applications

Scaling security: How to build security into the entire development pipeline

CIO Business Intelligence

OCTOBER 31, 2023

When an application is finally ready for deployment, the last thing the development team wants to hear is: “Stop! If you want to make a change, make it in the early stages of the software development lifecycle,” said Pratiksha Panesar, director of cybersecurity at Discover Financial Services. There’s a security issue.”

Security

Security Development How To Applications

Can Application Security Testing Be Fixed?

ForAllSecure

SEPTEMBER 15, 2021

At the end of the day, developers merely want to know what the bug is and how to fix it. The keynote presentation is concluded with a Q&A session where he shares his tips and tricks for getting developers excited about security as well as justifying the need for a fuzz testing program.

Applications

Applications Security SDLC Analysis

Leveraging Fuzz Testing to Achieve ED-203A / DO-356A

ForAllSecure

JUNE 7, 2021

The reports provide methods and considerations for showing compliance with the airworthiness security process defined in ED-202A / DO-326A during avionics design and development. Fuzzing has also shifted from ad-hoc, post-development analysis to a key component of software development.

Analysis

Analysis Security Software Software

Leveraging Fuzz Testing to Achieve ED-203A / DO-356A

ForAllSecure

JUNE 7, 2021

The reports provide methods and considerations for showing compliance with the airworthiness security process defined in ED-202A / DO-326A during avionics design and development. Fuzzing has also shifted from ad-hoc, post-development analysis to a key component of software development.

Analysis

Analysis Security Software Software

Three Aspects of Enterprise Architecture Governance

Future of CIO

OCTOBER 26, 2013

But what’re the correlations of Enterprise Governance, EA Governance and IT Governance, and how to achieve high performing business results based on high mature governance? General Enterprise Architecture is the only business steering instrument which is developed from the architectural school.

Architecture

Architecture Government Enterprise Enterprise

Meet The Team Behind Mayhem: Come See Us At These Upcoming April 2023 Events

ForAllSecure

MARCH 31, 2023

We have a number of upcoming events planned for April 2023, including: RSA Conference, DevSecOps Days, and BSides Webinar: How to Increase Test Coverage With Mayhem for API Speed vs. Resilience: Making the Right Trade-offs for Software Security Securing Open Source Software University Hackathon Read on to learn more about April’s events.

Meeting

Meeting Automotive Open Source Devops

The Evolution of Security Testing

ForAllSecure

JULY 27, 2021

Security needs to be part of the development experience. While this type of testing is typically conducted by QA teams, modern collaborate closely with security or development teams. While this type of testing is typically conducted by security teams, modern DevOps shops may collaborate closely with QA or development teams.

Security

Security Applications Development SDLC

Good, Fast, Cheap: Can CIOs Have them All

Future of CIO

DECEMBER 20, 2012

Holiday season actually stimulates creativity, and spurs optimism; from one of IT performance debates: “good cheap, fast for enterprise application development, which two should CIO pick?”,--many commentators set positive tunes and think it possible to have them all. Hopefully, the "pick any two" approach is becoming obsolete.

SDLC

SDLC Agile Architecture Applications

The CyberWire Daily Podcast EP. 389 With Guest Speaker David Brumley

ForAllSecure

AUGUST 14, 2019

The cloud may help development and application teams move fast, but for security teams already dealing with alert fatigue, tool sprawl and legacy workflows, cloud adoption means a lot more stress. What we're talking about in DevSecOps is making all sorts of security testing part of normal development.

Security

Security Applications Development Financial

The CyberWire Daily Podcast EP. 389 With Guest Speaker David Brumley

ForAllSecure

AUGUST 14, 2019

The cloud may help development and application teams move fast, but for security teams already dealing with alert fatigue, tool sprawl and legacy workflows, cloud adoption means a lot more stress. What we're talking about in DevSecOps is making all sorts of security testing part of normal development.

Security

Security Applications Development Financial

THE CYBERWIRE DAILY PODCAST EP. 389 WITH GUEST SPEAKER DAVID BRUMLEY

ForAllSecure

AUGUST 14, 2019

The cloud may help development and application teams move fast, but for security teams already dealing with alert fatigue, tool sprawl and legacy workflows, cloud adoption means a lot more stress. What we're talking about in DevSecOps is making all sorts of security testing part of normal development.

Security

Security Applications Development Financial

The Hacker Mind Podcast: Hacking With Light And Sound

ForAllSecure

SEPTEMBER 29, 2020

In fact, it's so easy we demonstrated this at a elementary school museum where the museum shows kids how to use lasers to inject voices. I show six year old children how to put their voice in here with the laser beam it's it's really not that hard. Find out how ForAllSecure delivers advanced fuzz testing into development pipelines.

Research

Research Engineering Examples System

The Hacker Mind Podcast: Hacking With Light And Sound

ForAllSecure

SEPTEMBER 29, 2020

In fact, it's so easy we demonstrated this at a elementary school museum where the museum shows kids how to use lasers to inject voices. I show six year old children how to put their voice in here with the laser beam it's it's really not that hard. But really it’s not. Fu: It's not even that hard. Once you understand the physics.

Research

Research Engineering Examples System

The Hacker Mind Podcast: Hacking With Light And Sound

ForAllSecure

SEPTEMBER 28, 2020

In fact, it's so easy we demonstrated this at a elementary school museum where the museum shows kids how to use lasers to inject voices. I show six year old children how to put their voice in here with the laser beam it's it's really not that hard. But really it’s not. Fu: It's not even that hard. Once you understand the physics.

Research

Research Engineering Examples System

Key Takeaways From ForAllSecure's, “Achieving Development Speed And Code Quality With Behavior Testing” Webinar

ForAllSecure

AUGUST 21, 2019

In ForAllSecure’s latest webinar on “Achieving Development Speed and Code Quality with Behavior Testing (Next-Generation Fuzzing)”, Brumley unveils a next-generation dynamic testing technique that security teams trust and developers can love. Accuracy and reproducibility are key to enhancing developer productivity.

Development

Development Security Applications Devops

Key Takeaways From ForAllSecure's, “Achieving Development Speed And Code Quality With Behavior Testing” Webinar

ForAllSecure

AUGUST 21, 2019

In ForAllSecure’s latest webinar on “Achieving Development Speed and Code Quality with Behavior Testing (Next-Generation Fuzzing)”, Brumley unveils a next-generation dynamic testing technique that security teams trust and developers can love. Accuracy and reproducibility are key to enhancing developer productivity.

Development

Development Security Applications Devops

KEY TAKEAWAYS FROM FORALLSECURE’S, “ACHIEVING DEVELOPMENT SPEED AND CODE QUALITY WITH NEXT-GENERATION FUZZING” WEBINAR

ForAllSecure

AUGUST 21, 2019

In ForAllSecure’s latest webinar on “Achieving Development Speed and Code Quality with Behavior Testing (Next-Generation Fuzzing)”, Brumley unveils a next-generation dynamic testing technique that security teams trust and developers can love. Accuracy and reproducibility are key to enhancing developer productivity.

Development

Development Security Applications Devops

What CEOs really need from today’s CIOs

CIO Business Intelligence

AUGUST 3, 2022

Modern delivery is product (rather than project) management , agile development, small cross-functional teams that co-create , and continuous integration and delivery all with a new financial model that funds “value” not “projects.”. Platforms are modular, intelligent, and run algorithms that allow us to change very quickly.

Architecture

Architecture Software Software Cloud

Information Technology Zone

How to make your developer organization more efficient

The DevSecOps Lifecycle: How to Automate Security in Software Development

Webinars

Trending Sources

Is it worth measuring software developer productivity? CIOs weigh in

Webinars

Cider Security launches application security platform

Cider Security launches application security platform

3 Reasons Developers Should Shift Left for API Security

Four Phases of Maturing Enterprise Agile Development

Creep

Your AST Guide for the Disenchanted: Part 4

Your AST Guide for the Disenchanted: Part 4

Your AST Guide for the Disenchanted: Part 4

Scaling security: How to build security into the entire development pipeline

Can Application Security Testing Be Fixed?

Leveraging Fuzz Testing to Achieve ED-203A / DO-356A

Leveraging Fuzz Testing to Achieve ED-203A / DO-356A

Three Aspects of Enterprise Architecture Governance

Meet The Team Behind Mayhem: Come See Us At These Upcoming April 2023 Events

The Evolution of Security Testing

Good, Fast, Cheap: Can CIOs Have them All

The CyberWire Daily Podcast EP. 389 With Guest Speaker David Brumley

The CyberWire Daily Podcast EP. 389 With Guest Speaker David Brumley

THE CYBERWIRE DAILY PODCAST EP. 389 WITH GUEST SPEAKER DAVID BRUMLEY

The Hacker Mind Podcast: Hacking With Light And Sound

The Hacker Mind Podcast: Hacking With Light And Sound

The Hacker Mind Podcast: Hacking With Light And Sound

Key Takeaways From ForAllSecure's, “Achieving Development Speed And Code Quality With Behavior Testing” Webinar

Key Takeaways From ForAllSecure's, “Achieving Development Speed And Code Quality With Behavior Testing” Webinar

KEY TAKEAWAYS FROM FORALLSECURE’S, “ACHIEVING DEVELOPMENT SPEED AND CODE QUALITY WITH NEXT-GENERATION FUZZING” WEBINAR

What CEOs really need from today’s CIOs

Stay Connected