Chief Product Officer at GrammaTech, where he leads product strategy for the company’s application security testing product portfolio.
Just as the manufacturing sector has adopted the use of third-party providers to build its products, software development has created an extensive supply chain to address cost and time-to-market pressures for faster delivery of new applications and services. Virtually every modern custom-developed software application contains third-party components. These can be open source (OSS), custom-ordered or commercial off-the-shelf (COTS) components. Lack of visibility into these building blocks poses a significant, and often underestimated, security risk.
Consider the supply chain analogy in aerospace manufacturing. Today, virtually every part of an airplane is provided by third-party suppliers to the manufacturer for final assembly. Unlike software, each airplane has a detailed bill of materials that contains an audit trail for each component, including the supplier, where it was produced,
Many enterprise software stocks are adding to their big 2020 gains on Thursday, as investors take heart in a batch of strong earnings reports that were posted on Wednesday afternoon.
Zscaler (ZS) is up 24.3%, Okta (OKTA) is up 6.9%, Snowflake (SNOW) is up 16%, Elastic (ESTC) is up 14.2% and CrowdStrike (CRWD) is up 15.1% after each company comfortably beat its October quarter estimates and (generally speaking) issued strong guidance. And a number of other software names appear to be catching sympathy bids.
Palantir Technologies (PLTR), which tumbled yesterday on a Morgan Stanley downgrade, is up 8.8%. Smartsheet (SMAR) is up 6.8%, Datadog (DDOG) is up 4.8%, Unity
Meet the new boss. Same as the old boss. Those lyrics from The Who nearly 50 years ago sum up the sinking sense of inevitability that comes with each new round of consolidation in tech.
Periods defined by their innovative start-ups and restless reinvention give way to phases when industry leaders buy up the most promising newcomers and either snuff out their ideas or bend them to their own ends.
The cloud software business — also known as software as a service, or SaaS — may just have reached its moment of reckoning. This week’s $27.7bn acquisition of workplace messaging company Slack by Salesforce looks like a turning point — and not just because Slack has been emblematic of a wave of start-ups searching for new and more creative ways of working.
In the parlance of business software, the deal highlights the perennial tension between “best of breed” products —
A team of Johns Hopkins University researchers has developed new software that could revolutionize how DNA is sequenced, making it far faster and less expensive to map anything from yeast genomes to cancer genes.
The software, detailed in a paper published in Nature Biotechnology, can be used with portable sequencing devices to accelerate the ability to conduct genetic tests and deliver diagnoses outside of labs. The new technology targets, collects and sequences specific genes without sample preparation and without having to map surrounding genetic material as standard methods require.
“I think this will forever change how DNA sequencing is done,” said Michael C. Schatz, a Bloomberg Distinguished Associate Professor of Computer Science and Biology and senior author of the paper.
The new process shrinks the time it takes to profile gene mutations, from 15 days or more to just three. That allows scientists to understand
Daimler will cut out traditional parts makers in order to fund a software development push that will involve hiring thousands of coders to build an operating system that rivals Tesla’s.
The Mercedes-Benz owner would buy fewer electronic components and “replace supplier development costs with personnel, building and computing costs”, Ola Kallenius, the company’s chief executive, told the Financial Times.
“Down the road, once we have gotten farther in this endeavour, I believe we could actually operate at a lower fixed cost level,” the Swedish boss added.
“We will pay less money to suppliers and then employ people in other places.”
The German group, which is in the middle of a painful restructuring as it struggles to pay for a late foray into electric vehicles, wants to own more of the complex technology that powers modern cars.
“We want to have one comprehensive operating system that goes from our
In a remote working environment, you may not be able to meet teammates to fine-tune your pitches and presentations quite as much as you’d like. But you very likely have more time to send cold emails and make cold calls to present your product. Whether you’re a startup pitching investors or a consultant, a marketer creating ads, or a salesperson creating presentations and proposals, Kroma gives you a way to do it all more efficiently and with greater success.
Microsoft-owned GitHub, the world’s largest platform for open-source software, has found that 17% of all vulnerabilities in software were planted for malicious purposes.
GitHub reported that almost a fifth of all software bugs were intentionally placed in code by malicious actors in its 2020 Octoverse report, released yesterday.
Proprietary software makers over the years have been regularly criticized for ‘security through obscurity’ or not making source code available for review by experts outside the company. Open source, on the other hand, is seen as a more transparent manner of development because, in theory, it can be vetted by anyone.
But the reality is that it’s often not vetted due to a lack of funding and human resource constraints.
A good example of the potential impact of bugs in open source is Heartbleed, the bug in OpenSSL that a Google researcher revealed in
It can take an average of over four years for vulnerabilities in open source software to be spotted, an area in the security community that needs to be addressed, researchers say.
According to GitHub’s annual State of the Octoverse report, published on Wednesday, reliance on open source projects, components, and libraries is more common than ever.
Over the course of 2020, GitHub tallied over 56 million developers on the platform, with over 60 million new repositories being created — and over 1.9 billion contributions added — over the course of the year.
“You would be hard-pressed to find a scenario where your data does not pass through at least one open source component,” GitHub says. “Many of the services and technology we all rely on, from banking to healthcare, also rely on open source software. The artifacts of open source code serve as critical infrastructure for much of the global