CircleCI announces new capabilities to its self-hosted runners
New features extend speed and security for today's enterprise-level software delivery teams.
Operations | Monitoring | ITSM | DevOps | Cloud
The Place Where Modern Operations & Technology Come Together
CI CD
The latest News and Information on Continuous Integration and Development, and related technologies.
Cloudstream - Episode 1
Exploration of Cloudsmith technologies and friendly banter.
Software supply chain: What it is and how to keep it secure
As shortages of consumer goods and rising prices caused by bottlenecks in international supply networks have become more common, the global supply chain and its vulnerabilities have been top of mind for many. For developers, several high-profile software security exploits have recently underscored the risks inherent in a similar type of supplier network: the software supply chain.
Prevent XSS attacks with browser testing
Security is a never-ending battle on the web. You can have a server up in just a few minutes, and the next minute, someone is already trying to hack into it. These attacks could be automated using malicious bots or launched manually. Websites can be targeted by a malicious user trying to compromise your web presence or data. Cross-site scripting (XSS) is just one type of attack your site may be vulnerable to.
Trusted SBOMs delivered with the JFrog Platform and Azure
SBOMs provide essential visibility into all the components that make up a piece of software and detail how it was put together. With an SBOM in hand it’s possible to determine if software contains existing security and compliance issues or is impacted by newly discovered vulnerabilities. The SBOM is imperative due to the White House’s cybersecurity executive order from May 2021 requiring them for all government software purchases and many private organizations following suit.
Human-Friendly, Production-Ready Data Science Stack with Metaflow & Argo Workflows with Savin Goyal
There is a pressing need for tools and workflows that meet data scientists where they are. This is also a serious business need: How to enable an organization of data scientists, who are not software engineers by training, to build and deploy end-to-end machine learning workflows and applications independently. In this talk, we discuss the problem space and the approach we took to solving it with Metaflow, the open-source framework we developed at Netflix, which now powers hundreds of business-critical ML projects at Netflix and other companies from bioinformatics and drones to real estate.
Why focus on developer productivity? ft. Gradle CTO, Justin Reock
Rob sits down with Justin Reock to discuss developer productivity engineering (DPE).
Technical Debt | The DevOps Centered Approach
For more information, visit: circleci.com/blog/manage-and-measure-technical-debt/
Supply Chain Security Meetup June 21 2022 (Sponsored by JFrog)
Software Supply Chain Security Virtual Meetup Open-source vulnerabilities are in many applications. While finding them is critical, even more, critical is remediating them as fast as possible. Securing your software supply chain is absolutely critical as attackers are getting more sophisticated in their ability to infect software at all stages of the development lifecycle, as seen with Log4j and Solarwinds.
Automating deployment of a Dockerized Python app to Docker Hub
CI/CD systems follow a multi-tiered environments pattern: development, testing, staging, and production release are all part of this process. Each setting in this cycle could have a variety of set ups and configurations. As a result, having to set up separate configurations for different environments could be inconvenient and burdensome. In this tutorial, we will take a look at what Docker is and how it has freed developers from set-up problems and port clashes.