Rezilion

The Top 3 Reasons to Remove Bloated Code

Many things can slow down the development and deployment of a project. But one of the most significant issues is also wholly manageable: Code Bloat. Bloated code occurs where the runtime environment contains useless pieces of code, like libraries or service binaries, that will invariably lead to software inefficiencies and security vulnerabilities.

Focus Your Efforts: Vulnerability Validation and the Colonial Pipeline Breach

The power of two CVEs

Most people take it as a given that the gas station down the street will be open and have plenty of gas available, even if the price is higher than they’d like. That assumption was shattered in early May because of two unpatched vulnerabilities in Colonial Pipeline’s network. The attack that crippled the gas supply for the entire East Coast didn’t require explosions or forces of nature.

DevSecOps' Security Ownership Problem

Who’s responsible for security?

Milton Friedman once said, “When everybody owns something, nobody owns it, and nobody has a direct interest in maintaining or improving its condition.” While that quote was about physical buildings 40 years ago, it’s still relevant to how we build software today. The technology required to shift security left exists, but the organizational shifts are lagging behind.

The Sisyphean Task of Vulnerability Remediation

Here are five steps to help ease the burden

Security teams are struggling to keep up with the pace of change in modern environments. More than 18,000 vulnerabilities were disclosed in 2020 alone, with a mean time to patch of 60 to 150 days. On top of that, recent developments in DevOps enable developers to push code on demand and launch instances in cloud environments as often as the business needs.

The New MTTP: More Time to Patch

Managing and measuring your security posture is complex

Security is difficult in modern environments. The attack surface is exploding, and the pieces are constantly getting smaller. CISOs and operations teams have to maintain and secure environments that can be any combination of on-premises, cloud, containers, serverless, microservices, and Kubernetes, and are likely doing all of this from home these days.

The SolarWinds Breach Highlights the Need for Desired State Enforcement

The recent SolarWinds hack is the latest headline-grabbing zero-day to send shockwaves throughout the information security community. It was a sophisticated supply chain attack that incorporated several forensic countermeasures and impacted a number of large government institutions and private companies.

Resilient Delivery Demands Autonomous Security

Business demands fuel technology shifts

The growing shift towards digital business models, accelerated by the pandemic, has revealed the need for increased business and technology alignment across every industry. Customers expect to be able to interact with companies anywhere, anytime, and demand highly responsive, customizable experiences. Gartner refers to organizations with the ability to meet these demands as intelligent, composable businesses.

Case Study: The intersection of DevOps and security in med-tech

Among the many challenges for healthcare is managing escalating costs without compromising quality of care or adding risk to patient safety and privacy. For connected medical device (med-tech) companies, this presents a major opportunity to support healthcare providers with advanced digital services, often via mobile-connected devices that process and transmit critical patient-related health information.