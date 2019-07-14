IBM/Red Hat/Fedora Leftovers
-
Putting security into DevOps is tougher than it looks [Ed: Red Hat fluff. The Register is dead. "PAID FEATURE" it discloses at the top... so they've quit journalism and are just posting junk for deep-pocketed companies/people who pay them to do it; The Register has been increasingly compromised this past year.]
If software development has absorbed a single lesson in the last two decades it’s that there’s an urgent need to integrate security at an early stage rather than leaving flaws to rot dangerously inside compiled code. Optimistically, dubbed shift left, the trick has been working out what this means in an era undergoing an historic transformation of development models.
In monolithic, linear development, implementing shift left was about adding a security checking stage earlier in the coding lifecycle. This was never easy and, the complaint went, slowed everything down, but the pileup of vulnerability disasters told the industry something had to change. One case study was Microsoft’s then novel Security Development Lifecycle (SDL) of the early 2000s.
Today, however, coding is increasingly defined by cloud native applications, agile development, and infrastructure as code (IaC), coordinated using continuous deployment platforms such as Kubernetes. In this world of high-velocity DevOps, the idea of early intervention is stretched to breaking point. Code is created, tested, and deployed at incredible speed.
-
Fedora Community Blog: Friday’s Fedora Facts: 2021-46
Here’s your weekly Fedora report. Read what happened this week and what’s coming up. Your contributions are welcome (see the end of the post)!
Fedora Linux 33 will reach end of life on Tuesday 30 November. The F35 retrospective survey is open through 4 December.
I have weekly office hours on Wednesdays in the morning and afternoon (US/Eastern time) in #fedora-meeting-1. Drop by if you have any questions or comments about the schedule, Changes, elections, or anything else. See the upcoming meetings for more information.
-
Near Zero Downtime maintenance with RHEL for SAP Solutions [Ed: IBM Red Hat -- like SUSE -- is shilling SAP's proprietary software again, as if for GNU/Linux to win this is what's required]
-
- Login or register to post comments
- Printer-friendly version
- 525 reads
- PDF version
More in Tux Machines
- Highlights
- Front Page
- Latest Headlines
- Archive
- Recent comments
- All-Time Popular Stories
- Hot Topics
- New Members
Microsoft Keeps Clobbering and Attacking Firefox and Mozilla
Emmanuele Bassi: Fair Weather Friends
Today I released libgweather-3.90.0, the first developers snapshot of GWeather 4... Also: Felix Häcker: #19 Updated Calculations
Videos: KDE, Pi Servers, and Emacs
Linux-on-NXP boards from Kontron and SolidRun gain Arm SystemReady compliance
Kontron and SolidRun have each announced several NXP-based embedded products that have achieved Arm SystemReady certification for interoperable Linux stacks and boot systems. Following Arm’s formal announcement of its Arm SystemReady initiative in Oct. 2020, support for the interoperability program has begun to accelerate. Yesterday, Kontron announced three embedded Linux products based on NXP processors that have received Arm SystemReady certification for standardized firmware and hardware running on Arm-based CPUs. The products include its pITX-iMX8M Pico-ITX SBC and sandwich-style BL i.MX8M Mini, as well as a new KBox A-203-LS networking box with an NXP LS1028A.
Recent comments
1 hour 14 sec ago
1 hour 6 min ago
1 hour 34 min ago
1 hour 37 min ago
2 hours 39 min ago
5 hours 3 min ago
1 day 45 min ago
1 day 1 hour ago
1 day 2 hours ago
1 day 2 hours ago