DevSecOpsPro https://www.webpronews.com/technology/devsecopspro/ Breaking News in Tech, Search, Social, & Business Sat, 13 Apr 2024 10:46:13 +0000 en-US hourly 1 https://wordpress.org/?v=6.5.3 https://i0.wp.com/www.webpronews.com/wp-content/uploads/2020/03/cropped-wpn_siteidentity-7.png?fit=32%2C32&ssl=1 DevSecOpsPro https://www.webpronews.com/technology/devsecopspro/ 32 32 138578674 Amazon’s High-Tech Crusade Against Fake Reviews https://www.webpronews.com/amazons-high-tech-crusade-against-fake-reviews/ Sat, 13 Apr 2024 10:46:13 +0000 https://www.webpronews.com/?p=603272 At Amazon, customer trust isn’t just a goal; it’s the foundation on which the e-commerce giant builds its vast empire. As counterfeit reviews increasingly clutter online marketplaces, threatening to undermine consumer confidence, Amazon is doubling down on sophisticated technological solutions to preserve the integrity of its user feedback system.

Josh Meek, the senior data science manager for Amazon’s Fraud and Abuse Prevention Team, detailed the extensive measures the company is taking to ensure that only genuine reviews guide customer decisions. Utilizing advanced machine learning models and deep neural networks, Amazon scrutinizes each review through a high-powered analytical lens that few other platforms can claim to employ.

“Every review that hits our platform is assessed against thousands of data points, learned from over two decades of review patterns,” Meek explained. These models aren’t just parsing the text of the reviews; they’re examining user behavior, purchase history, and a myriad of subtle signals that might suggest manipulation — such as the timing and clustering of reviews or improbable connections between users.

The technology at the forefront of this battle is a combination of Large Language Models (LLMs) and Graph Neural Networks (GNNs). LLMs apply natural language processing to detect anomalies that suggest a review might be incentivized — perhaps by a free product or a discount. Meanwhile, GNNs map out complex networks of user relationships, flagging clusters of accounts that might be acting in concert to flood products with unearned praise.

When these tools flag a review as potentially fraudulent, the path forward varies. “If our algorithms determine with high confidence that a review is inauthentic, we can act swiftly to remove it and penalize those responsible,” Meek said. This might involve revoking the ability to post future reviews or even initiating legal actions against serial abusers.

However, not all suspicious cases are clear-cut. “When we detect signs of manipulation but lack conclusive evidence, our trained investigators dig deeper,” Meek continued. This might involve physical checks of product shipments for tell-tale inserts soliciting positive reviews in exchange for rewards, a practice strictly prohibited on the platform.

The challenge of distinguishing genuine from fake reviews is formidable due to the sophisticated tactics fraudsters employ. Fake reviews often mimic legitimate content, showing high satisfaction levels and masking their artificial origins behind a veneer of authenticity. “Outsiders often get it wrong because they lack access to the comprehensive data we’ve compiled,” Meek stated, highlighting Amazon’s advantage in its ongoing war against fraud.

Amazon’s proactive stance is part of its broader commitment to ensuring a fair and trustworthy shopping environment. “It’s always day one,” Meek said, echoing CEO Jeff Bezos’ famous philosophy and underscoring the company’s relentless drive for innovation. This mindset fuels Amazon’s continuous efforts to refine its fraud detection capabilities and safeguard both its customers and legitimate vendors.

As e-commerce continues to evolve, Amazon’s high-tech arsenal against fake reviews will be crucial in maintaining the marketplace integrity millions of consumers rely on daily.

]]>
603272
Unlocking the Power of DevSecOps: A Step-by-Step Guide https://www.webpronews.com/unlocking-the-power-of-devsecops-a-step-by-step-guide/ Mon, 11 Mar 2024 15:44:34 +0000 https://www.webpronews.com/?p=601254 In an age where technology reigns supreme, the integration of security measures into development and operations processes has become paramount. But what exactly is DevSecOps, and how can it be seamlessly implemented into pipelines and projects?

In a comprehensive video tutorial, a seasoned DevOps expert takes viewers on a journey through the intricacies of DevSecOps, shedding light on its importance and demonstrating practical implementation techniques.

“Before we dive in, I’d like to extend a humble request to all our viewers,” the expert begins. “Recording and uploading these videos takes considerable time and effort. If you find value in our content, consider subscribing to our channel for daily updates on DevOps-related topics.”

With that, the tutorial launches into a deep dive into DevSecOps, using a pet clinic application as a real-world example. The expert navigates through the intricacies of Jenkins, a popular CI/CD tool, showcasing a sample pipeline designed to compile code, build Docker images, and deploy applications to a Tomcat server.

The tutorial’s heart lies in implementing security measures within the DevOps workflow. The expert introduces viewers to key security tools, including SonarQube for code quality checks, OSP Dependency Check for vulnerability detection, and Trivy for Docker image scanning.

Viewers are guided step-by-step through configuring these tools within the Jenkins environment, from installing plugins to defining tool configurations and executing analysis tasks.

“DevSecOps is more than just a buzzword,” the expert emphasizes. “It’s about integrating security into every development and deployment lifecycle stage.”

As the tutorial progresses, viewers witness the seamless execution of security checks, with SonarQube highlighting code smells and bugs, OSP Dependency Check flagging vulnerabilities, and Trivy uncovering potential security risks within Docker images.

After successfully completing each stage of the pipeline, the expert showcases the deployed application, demonstrating the power of DevSecOps in ensuring the integrity and security of software deployments.

“By embracing DevSecOps practices, organizations can enhance the reliability and security of their software products,” the expert concludes. “It’s not just about building and deploying applications; it’s about building them securely.”

As the video comes to an end, viewers are left equipped with the knowledge and tools needed to embark on their own DevSecOps journey, ready to integrate security seamlessly into their development and deployment workflows.

]]>
601254
96% of Third-Party Cloud Container Apps Have Known Vulnerabilities https://www.webpronews.com/96-of-third-party-cloud-container-apps-have-known-vulnerabilities/ Mon, 04 Mar 2024 02:01:35 +0000 https://www.webpronews.com/?p=512280

A whopping 96% of third-party cloud container apps have known vulnerabilities, highlighting ongoing cloud security challenges.

Cloud computing is often touted as more secure than traditional options. Unfortunately, this is only true if all parties involved make security a prime objective.

According to Palo Alto Networks’ Unit 42 team, some 96% of third-party container apps have known vulnerabilities. In addition, 63% of third-party code templates contain insecure configurations.

The news is especially concerning given the rise of supply chain attacks. Hackers are increasingly targeting widely used, third-party software, services, containers and plugins. Successfully compromising a single vendor who’s product is used by thousands of customers can have a far greater impact than compromising a single target.

Unit 42 highlights the danger of supply chain cloud attacks:

In most supply chain attacks, an attacker compromises a vendor and inserts malicious code in software used by customers. Cloud infrastructure can fall prey to a similar approach in which unvetted third-party code could introduce security flaws and give attackers access to sensitive data in the cloud environment. Additionally, unless organizations verify sources, third-party code can come from anyone, including an Advanced Persistent Threat (APT).

Organizations that want to stay secure must start making DevOps security a priority:

Teams continue to neglect DevOps security, due in part to lack of attention to supply chain threats. Cloud native applications have a long chain of dependencies, and those dependencies have dependences of their own. DevOps and security teams need to gain visibility into the bill of materials in every cloud workload in order to evaluate risk at every stage of the dependency chain and establish guardrails.

]]>
512280
7 Key Software Trends Shaping the Future of Technology https://www.webpronews.com/software-trends-future-of-technolog/ Mon, 19 Feb 2024 16:41:23 +0000 https://www.webpronews.com/?p=600197 Capitalizing on new technologies is crucial to remaining competitive as a business. In today’s digital world, that means staying current on the latest software trends, as these shape much of the most impactful modern tech.

Software development, like most tech sectors, is rapidly evolving. To help keep up with the growing pace of innovation, here are seven key trends business owners and tech leaders must know.

1. AI-Assisted Programming

Generative AI — made famous by tools like ChatGPT — was undoubtedly the defining technology of the past year. It’ll also be one of the most significant in the years to come.

While generative AI’s natural language and image-producing capabilities often take the spotlight, its coding ability is more practical in software development. As these tools improve, more devs will likely use them to automate repetitive programming tasks like writing basic scripts or checking code.

AI-assisted programming can free hours in devs’ schedules and reduce errors for more polished final products. As tech talent gaps grow more severe, businesses can’t afford to overlook that potential. Tech teams should consider how they can integrate generative AI into their workflows — and, more importantly, learn to check its results to use it effectively and ethically.

2. Growing Cybersecurity Concerns

The growing need for better cybersecurity is an older but still relevant software trend. While businesses have become more aware of cybersecurity concerns, cybercrime hasn’t gone away, so improved protections are imperative.

Dev teams must embrace security early in the design phase instead of applying it as an afterthought. Cybercriminals are also starting to leverage AI, so businesses must respond with AI-guided protections and testing against these more sophisticated attacks.

Security throughout the software supply chain is also coming into focus. With third-party breaches rising and merger activity tripling in some industries, addressing partner vulnerabilities is more important than ever. Businesses must perform thorough due diligence and limit other parties’ access privileges across the software supply chain.

3. Low-Code and No-Code Development

Today, virtually every company is a tech business to some extent. This shift has created skyrocketing demand for tech talent across all sectors, leaving many organizations with IT worker shortages. In response, the industry is leaning toward low-code and no-code development processes.

Plug-and-play development interfaces — especially for websites and mobile apps — have become increasingly common. Capitalizing on these tools is essential in remaining productive despite a competitive programming labor landscape.

Businesses with plenty of coding talent have a unique opportunity amid this trend. If these teams can develop low-code and no-code technologies for other organizations, they could profit heavily from this growing market.

4. DevSecOps

Another key software trend is a shift toward DevSecOps development cycles. This practice builds on the rapid, highly collaborative DevOps philosophy by adding security teams into the mix from the first stages.

DevSecOps addresses two significant concerns in modern software. First, it enables continuous improvement and higher functionality by emphasizing teamwork and ongoing reviews to create the best product possible quickly. Secondly, it ensures security by design by involving cybersecurity experts throughout the entire dev process.

Because DevSecOps is so rapid and intensive, learning to use it will require adjustment. Teams must experiment with it now to become confident in the practice for future projects. Failing to implement DevSecOps in the coming years will give more agile competitors an advantage.

5. Microservices Architecture

In the pursuit of more functional apps, software development is also trending toward microservices architecture. Conventional, monolithic architecture groups all features in a single service, but microservices break them into smaller, independently running modules.

The primary advantage of this new method is that you can change one feature without affecting the entire program. That segmentation leads to fewer errors and faster update timelines. It also improves scalability and flexibility, which is increasingly crucial as software trends shift more frequently.

Like with DevSecOps, switching to microservices architecture will entail initial disruption. This method may increase organizational complexity, so dev teams must learn to distribute specialized duties while communicating closely. Off-the-shelf containerization tools can also help.

6. Emphasis on UX

As the public uses more digital apps and websites, their expectations about these services are rising. Consequently, user experience (UX) is an increasingly central pursuit for software development teams.

A dedicated app or website is no longer enough to stand out as a business. These services must be highly functional and convenient, or they risk turning users away. Increasing loading times from just one to five seconds increases bounce rates by 90%, so everything must be as responsive as possible.

Good UX starts with optimizing apps and websites to run quickly, even on minimal hardware — and especially on mobile. Apart from these technical considerations, devs must pay close attention to user trends to see what kinds of formats and features they prefer. Ongoing feedback and adjustments are necessary to keep UX optimal amid changing demands.

7. Sustainable Software

Sustainability is a growing trend in many industries, and software is no exception. As the world relies more heavily on software, data centers’ energy consumption has come into the spotlight. Power-hungry innovations like AI and blockchain will make balancing performance and sustainability more challenging yet important.

If dev teams can create more sustainable digital solutions, they’ll stand out from the energy-intensive crowd. As that trend grows, those who don’t adapt may stand apart for the wrong reasons.

Sustainable software relies heavily on designing resource-efficient architectures. The less power an app needs to deliver the same performance, the better. Using renewable-powered data centers to support these services is also important.

Today’s software trends will define the technology of tomorrow. Businesses must stay on top of these developments to adapt to shifting markets. That adaptation will mean some disruption in the near term, but if organizations can tackle it sooner rather than later, they can get ahead of the curve and ensure long-term success.

]]>
600197
QA Automation: Delivering High-Quality Products with Increased Efficiency https://www.webpronews.com/qa-automation/ Sun, 04 Feb 2024 16:49:26 +0000 https://www.webpronews.com/?p=523965 Quality assurance (QA) plays a critical role in ensuring that software products meet customer requirements and are free from defects. However, traditional manual testing methods can be time-consuming, labor-intensive, and error-prone. To address these challenges, companies are increasingly turning to QA test automation as a means to deliver high-quality products with increased efficiency.

Automated testing allows companies to quickly and accurately test software products, ensuring that they meet customer requirements and are free from defects. By automating repetitive, time-consuming tasks, developers can focus on higher-level tasks such as improving the user experience and developing new features.

The Benefits of QA Automation

QA automation has numerous benefits, including increased speed and accuracy of testing, improved test coverage, and reduced costs. Automated testing tools enable companies to test software products faster and more accurately, while reducing the number of defects that make it into production.

Automated testing also improves test coverage by allowing developers to test a broader range of scenarios than would be possible with manual testing. By reducing the number of defects that make it into production, companies can reduce the cost of fixing defects, as well as the cost of maintaining and supporting software products.

Implementing QA Automation

Implementing QA automation requires careful planning and execution. Companies need to select the right tools, set up the test environment, and develop the automated test scripts. It is also crucial to establish a collaborative relationship between the development and QA teams to ensure that the implementation is successful.

Selecting the right tools is critical to the success of QA automation. Companies need to consider factors such as the ease of use, the level of integration with other tools, and the availability of support and training. It is also essential to set up the test environment properly, ensuring that it accurately reflects the production environment.

Developing the automated test scripts requires a deep understanding of the software product, as well as the testing requirements. The test scripts need to be carefully designed and maintained to ensure that they are accurate and up-to-date.

Best Practices for QA Automation

To ensure the success of QA automation, companies need to follow best practices such as selecting the right test cases for automation, maintaining a robust test suite, and regularly updating and maintaining automated test scripts.

Selecting the right test cases for automation is critical to the success of QA automation. Companies need to identify the test cases that are the most time-consuming, error-prone, and repetitive. By automating these test cases, developers can save time and reduce the risk of defects.

Maintaining a robust test suite is essential to the success of QA automation. The test suite needs to be regularly updated and maintained to ensure that it accurately reflects the current state of the software product. Companies also need to ensure that the test suite is well-organized and easy to use.

Continuous integration and continuous testing are critical to the success of QA automation. By continuously testing software products throughout the development process, companies can identify defects early and reduce the cost of fixing defects.

Challenges in QA Automation

Despite the numerous benefits of QA automation, there are also challenges that companies need to be aware of. Some of the challenges include maintaining test scripts, handling dynamic UI elements, and dealing with the complexities of integration testing.

Maintaining test scripts can be a time-consuming and challenging task, especially when software products are updated frequently. Companies need to establish processes for updating and maintaining test scripts to ensure that they accurately reflect the current state of the software product.

Handling dynamic UI elements can also be challenging, as these elements can change frequently and unpredictably. Companies need to develop strategies for handling dynamic UI elements to ensure that automated tests remain accurate and up-to-date.

Integration testing can be a complex task in QA automation. It involves testing the interactions between different components and systems to ensure that they work together seamlessly. However, it is crucial for delivering a high-quality product, as integration issues can result in serious defects and user dissatisfaction. To overcome the challenges of integration testing, companies should adopt a comprehensive approach that includes automated testing, manual testing, and cross-functional collaboration. Continuous testing and continuous integration can also help to identify and resolve integration issues early in the development process, improving the overall efficiency and effectiveness of QA automation.

The Role of AI and Machine Learning in QA Automation

QA automation has traditionally relied on human operators to develop and execute test cases. However, with the advancements in artificial intelligence (AI) and machine learning (ML), automation can be taken to the next level. The integration of AI and ML into QA automation can help to improve test accuracy and reduce false positives. It can also help automate more complex testing scenarios, such as security testing.

The Potential of AI and ML in QA Automation

AI and ML have the potential to revolutionize QA automation. By leveraging these technologies, testing can be made more efficient and effective. AI algorithms can analyze large amounts of data to identify patterns and insights, while ML algorithms can learn from experience and improve over time. This can lead to more accurate testing, reduced testing time, and increased test coverage.

Automating Complex Testing Scenarios

Security testing is a critical component of software testing. However, it can be a challenging task, requiring expertise in the domain and knowledge of the latest threats and vulnerabilities. By using AI and ML, security testing can be automated, reducing the workload on human testers and improving the accuracy and coverage of the tests.

QA Automation in Agile and DevOps Environments

Agile and DevOps have become the standard development methodologies in recent years. These methodologies prioritize speed and collaboration, and they rely heavily on automation. QA automation plays a critical role in these methodologies by enabling faster and more frequent releases. It fits into the continuous integration and continuous delivery (CI/CD) pipeline, allowing testing to be integrated into the development process.

The Importance of Test Automation

Test automation is essential for successful Agile and DevOps methodologies. It allows for faster feedback and quicker identification of defects. Automated tests can be executed quickly and repeatedly, providing confidence in the quality of the software. Test automation enables developers to focus on higher-level tasks, such as designing new features and improving the user experience.

Conclusion and Future Directions of QA Automation

In conclusion, QA automation is a critical component of modern software development. With the advancements in AI and ML, it has the potential to become even more efficient and effective. Cloud-based testing is also becoming more prevalent, enabling testing to be performed remotely and on-demand. As QA automation continues to evolve, it is likely that it will become even more intelligent and efficient, helping companies to deliver high-quality products with increased efficiency.

]]>
523965
Microsoft’s Netflix Formula: Promise Big and Don’t Compete https://www.webpronews.com/microsofts-netflix-formula-promise-big-and-dont-compete-2/ Thu, 18 Jan 2024 17:30:54 +0000 https://www.webpronews.com/?p=517786 Microsoft surprised the industry Netflix chose the Redmond company for its advertising ambitions, but Microsoft had a winning formula.

Netflix has been working to unveil an ad-supported tier as it looks to revitalize its subscriber growth. The company turned in its first subscriber drop in nearly a decade and sees an ad-supported tier as a way to attract new customers. Google and NBCUniversal parent Comcast were seen as the front-runners to assist Netflix, but Microsoft swooped in seemingly out of nowhere to secure the contract.

According to Business Insider, there were a combination of factors that led to Microsoft’s win, not the least of which was what the company was willing to promise. Google pulled out all the stops in assembling a team that “went to the top of the company” but couldn’t meet Netflix’s expectations.

“We got feedback from Netflix that our number was underwhelming,” Insider’s source revealed.

Much of the problem stemmed from Google hedging its bets over fears Netflix would eventually abandon it in favor of an in-house solution.

“This deal only made sense for Google to put the effort and reconfigurations to go to market if Netflix was going to permanently outsource it,” the source continued.

In contrast, Microsoft approached the deal with a far more optimistic view, meeting Netflix’s targets — reportedly revenue in the “billions” — and viewing the new relationship as a way to eventually poach Netflix as a cloud customer from AWS.

“What I see is Netflix is testing the Azure/Microsoft waters with a feature or two first,” a Microsoft employee told Insider.

Another factor — and one that is becoming a major one for companies choosing a cloud provider — is that Microsoft doesn’t directly compete with Netflix. AWS parent Amazon has Amazon Prime, Comcast owns NBCUniversal and its Peacock streaming service, and Google owns YouTube TV.

Ultimately, when taken together, Microsoft had the right attitude, approach, and circumstances to pull off the advertising coup of the year.

]]>
517786
DevOps Organizations Are Increasingly Turning to Alternate Cloud Providers https://www.webpronews.com/devops-organizations-are-increasingly-turning-to-alternate-cloud-providers/ Sat, 18 Nov 2023 01:20:23 +0000 https://www.webpronews.com/?p=517752 A new report on the DevOps industry should be a concern for the top three cloud providers, showing that organizations are increasingly looking for alternate providers.

AWS, Microsoft Azure, and Google Cloud dominate the industry, accounting for a 71% share of the market. Similarly, the three companies account for 65% of all cloud spending. Nonetheless, it appears some organizations are looking to support smaller, independent rivals.

A new report, commissioned by Linode and conducted by Techstrong Research, shows that despite 93% of respondents using one of the Big Three, two-thirds would consider an alternative.

The largest three hyperscalers (Amazon Web Services, Microsoft Azure, Google Cloud Compute) are used by 93% of respondents. Yet many DevOps buyers are re-thinking a reflex default to these hyperscalers. Two-thirds of companies surveyed would consider bringing in an “alternative” CSP; almost 22% have already done so. In fact, the combined market share for the top alternative vendors is fourth in the category, just behind Microsoft and Google.

Even more troubling for the Big Three is the growing interest in alternative providers, as well as the reasons that interest is growing.

Interest and adoption is highest in small and medium organizations (fewer than 10,000 employees). Main reasons for bringing in a new vendor include reducing reliance on a single provider, improving price performance and ease of use, and better data protection.

Another growing concern is competition from a company’s cloud service provider (CSP). Each of the Big Three are part of larger companies that offer a wide array of products and services, many of which can compete with the products and services of their cloud customers.

More than 50% of DevOps professionals and leaders surveyed say their CSP is already a competitor to their B2B or B2C business or is expected to become one. Fear of IP loss and rapid market displacement is also evidenced in respondent’s strong stated desire to work with a trustworthy, capable provider who shares their company values.

Needless to say, the Big Three hold a commanding position in the market, and it will be a long time before they face a serious challenge. Nonetheless, the report should be a cause for concern and highlights areas where they must improve in order to keep their customers happy.

]]>
517752
Report: Cloud Cost Visibility Is a Major Problem for Organizations https://www.webpronews.com/report-cloud-cost-visibility-is-a-major-problem-for-organizations/ Wed, 15 Nov 2023 02:18:16 +0000 https://www.webpronews.com/?p=518339 As organizations continue to migrate to the cloud, clearly understanding usage and costs is proving to be a significant challenge.

Unlike on-premise infrastructure, most cloud providers use a pay-as-you-go model, allowing for a low barrier-to-entry and easy scalability. Unfortunately, that model can also lead to significant challenges accurately predicting how much cloud computing will ultimately cost.

According to Anodot’s State of Cloud Cost Report, almost 50% of IT executives say it’s proving difficult to control cloud costs, while respondents say that gaining visibility and understanding both usage and costs is a top challenge. Similarly, 88% cite optimization and reduced spending on existing cloud deployments as extremely or very important.

Interestingly, despite these concerns, 60% of those polled plan to migrate more workloads to the cloud in the coming year.

Anadot highlights the importance of organizations carefully tracking their cloud usage to better understand their needs and associated costs:

Unless costs are managed carefully, it’s quite easy to lose track of what’s being used—especially for organizations with large development teams that move quickly and tend to try new things. Misconfigurations, over-provisioning, and forgotten resources that have been provisioned but abandoned are the bane of cost management for DevOps teams. Unfortunately, for many organizations, the surprise costs only show up when the monthly invoice arrives.

Understanding cloud cost visibility is not a new challenge. In fact, AWS recently took steps to lower customers’ bills following years of complaints and a reputation for surprise bills, artificially high fees, and hidden costs.

With 60% of organizations planning to increase their cloud deployments, cost visibility is something that will need to be addressed sooner rather than later.

]]>
518339
Microsoft Partially Fixes Windows 11 SSD Performance Issues https://www.webpronews.com/microsoft-partially-fixes-windows-11-ssd-performance-issues/ Tue, 15 Aug 2023 18:21:36 +0000 https://www.webpronews.com/?p=592179 Microsoft appears to have partially fixed the poor performance issues that were plaguing NVMe SSD users in Windows 11.

According to Windows Latest, the Windows 11 August 2023 Update appears to have fixed some issues with SSDs in Windows 11 that began with the March 2023 update. Some users had reported as much as a 50% performance hit.

“In the world of DevOps, I/O performance is king. After the March update, it was like driving a sports car with a clogged fuel filter. This recent August update has fixed NVMe SSD problems for us, but it has also shed light on the need for Microsoft to improve its quality assurance processes. Also, thanks for tracking the issue for us, Mayank,” one user told the outlet.

“I manage a fleet of systems, and the sluggish SSD issue from the March update was a glaring anomaly. Had to provisionally look for third-party solutions just to keep things moving. With the August update now deployed across the board, I see consistent disk performance across our devices. Grateful for the fix, but it’s a reminder of how crucial thorough testing is before rolling out any software updates,” another user told Windows Latest.

Interestingly, the August 2023 Update does not mention the SSD performance issues, not does it fix it for all users. Nonetheless, at least some users are reporting improved performance after the update.

]]>
592179
Microsoft Defender for Cloud Comes to Google Cloud https://www.webpronews.com/microsoft-defender-for-cloud-comes-to-google-cloud/ Fri, 11 Aug 2023 17:19:40 +0000 https://www.webpronews.com/?p=591778 Microsoft is expanding its cloud security products, bringing Microsoft Defender for Cloud to rival Google Cloud Platform (GCP).

Microsoft has been expanding its Microsoft Defender for Cloud to offer multicloud security. The product already supports AWS, in addition to Microsoft’s own Azure, but now the company has announced support for GCP.

Vasu Jakkal, Corporate Vice President, Security, Compliance, Identity, and Management, made the announcement in a company blog post:

Today, we’re thrilled to announce new advanced multicloud posture management capabilities for Google Cloud Platform (GCP) in Microsoft Defender for Cloud to help customers proactively prevent breaches across multicloud and hybrid environments.

Microsoft is recognized as a Representative Vendor in the 2023 Gartner Market Guide for Cloud Native Application Protection Platforms.3 Microsoft Defender for Cloud became the first cloud provider to offer multicloud workload protection for cloud infrastructure, applications, and data across the full lifecycle for all three public clouds.4 Since then, we’ve rapidly expanded our CNAPP capabilities to provide advanced posture management with Microsoft Defender Cloud Security Posture Management (Defender CSPM), DevSecOps security with integrations into GitHub Advanced Security, and continued investments in our cloud workload protection (CWP) solutions across servers, containers, APIs, storage, and databases.

On August 15, 2023, Defender CSPM will extend its advanced agentless scanning, data-aware security posture, cloud security graph, and attack path analysis capabilities to GCP, providing a single contextual view of cloud risks across Amazon Web Services (AWS), Azure, GCP, and hybrid environments.

The move will likely make Microsoft Defender for Cloud the leading multicloud security option.

]]>
591778
The Rise of Mobile DevOps Engineering https://www.webpronews.com/mobile-devops-engineering/ Fri, 04 Aug 2023 10:07:31 +0000 https://www.webpronews.com/?p=591624 Entering 2021, the ‘DevOps Engineer’ title emerged as the most coveted job designation, reflecting the skyrocketing demand for experts in Mobile DevOps Engineering.  The domain has undergone a substantial evolution with the DevOps market, valued at $7 billion in 2021, projected to reach an astounding $51 billion by 2030, representing a compound annual growth rate (CAGR) of 24.7%.  With the market’s expansion comes a concurrent growth in the demand for Mobile DevOps engineers.

The Ascent of Mobile

2022 witnessed a surge in the mobile industry, from an 11% rise in new app downloads and a 14% increase in mobile ad spending, to a 3% growth in in-app usage hours.  This burgeoning mobile arena has provoked 35.55% of recruiters to prioritize hiring candidates with DevOps skills.  Consequently, a forecast predicts a 21% increase in the need for DevOps engineer roles by 2028.

In the current landscape, Mobile DevOps engineers are not merely a want but a necessity.  The role’s demand has magnified due to escalating company popularity, necessitating swift build, test, and release times to meet and exceed consumer expectations.  A fascinating shift to mobile as the primary revenue avenue has been observed, with 33% of American retailers, 42% of small businesses, and 55% of millennial-owned businesses boasting at least one app.

However, with an escalating reliance on mobile apps, fresh pressures are mounting on the industry.  A mounting demand for rapid mobile deployment is observed, with 57% of developers accelerating their code release speed.  Despite this, a significant 80% of developers cite a lack of automation as a bottleneck for timely code delivery.

DevOps and Their Tools

Consumer expectations also add to the strain.  A striking 60% of consumers discard an app after a single performance issue, and the rate increases to 80% following continuous problems.  Additionally, with around 81% of mobile apps vulnerable to cyberattacks, the need for DevSecOps is more pressing than ever.  This reality will likely fuel the global DevSecOps market growth, expected to increase from $2.59 billion to $23.16 billion by 2029.

Addressing these pressures, DevOps tools—particularly CI/CD—are becoming instrumental for Mobile DevOps engineers.  The utility of such tools is evident, with one in five developers now adopting CI/CD tools for automating the building, testing, and deploying code.  These tools augment operational efficiency, offering benefits like speed, quality, and return on investment (ROI), leading to 49% of companies testifying to a reduced time-to-market and 61% affirming improved deliverable quality.

Barnabas Birmacher, CEO and Co-Founder of Bitrise, states, “Being mobile-first means companies are constantly optimizing their mobile offerings.” Bitrise stands as a testament to this belief, being a tool of choice for over half of all mobile unicorn startups. The platform aids Mobile DevOps engineers by slashing build times, boosting deployment frequency, enhancing app stability, and optimizing infrastructure spending.

Conclusion

The future of Mobile DevOps Engineering is indeed promising, with the potential to expand job opportunities, fuel demand, and elevate the quality of deliverables. As we navigate this exhilarating era, the key lies in harnessing this evolving field’s potential, leveraging tools like Bitrise, and focusing on mobile-centric strategies to excel in the digital transformation journey.

The Future of Mobile DevOps Engineering
Source: bitrise
]]>
591624
CI/CD Pipeline: Streamlining Development for Speed and Reliability https://www.webpronews.com/ci-cd-pipeline-mobile-development/ Wed, 02 Aug 2023 16:50:20 +0000 https://www.webpronews.com/?p=591589 In today’s rapidly evolving technological landscape, the significance of a mobile continuous integration and continuous delivery (CI/CD) platform cannot be exaggerated. This platform plays a crucial role in automating the laborious manual work traditionally required to build, test, and deploy a mobile application. By adopting CI/CD practices and tools, developers can deliver software updates more frequently. It is reliably ensures both customer satisfaction and the seamless operation of company functions.

Exploring the CI/CD Pipeline

As the demand for mobile apps continues to soar, there has never been a more pressing need for a strong CI/CD pipeline. With 7.33 billion mobile users globally, or almost the entire world’s population, mobile apps have become indispensable for a variety of functions, from playing mobile games to keeping up with social media posts. This massive demand is evident in the over 255 billion mobile app downloads worldwide in 2022 alone. As a result, it is anticipated that by 2026, demand for mobile app developers would rise from 17% to 24%.

Rapid creation is becoming more and more necessary in response to the rise in demand for mobile apps. Sixty percent of developers claim that code is released into production more quickly than in past years, with 15% releasing code three to five times quicker and 35% releasing code at a rate that is twice as quick as in 2021. Developers have considerably increased their coding pace in a relatively short amount of time, relying on CI/CD’s skills to stay on top of the game.

Challenges in Mobile App Production

However, several real-world challenges hinder mobile app production. There is a shortage of engineers with the highly specialized mobile development skills and experience required for Mobile DevOps. Additionally, evolving customer demands and expectations contribute to high uninstall rates. Buggy releases can quickly alienate customers, leaving little room for errors in the competitive mobile space. Furthermore, the industry is experiencing inflation, with rising costs associated with salaries, benefits, and even cloud-based service platforms. Surprisingly, 85% of SaaS companies have not adjusted their prices to match these increasing costs. This underscores the importance of error-free processes.

While 35% of developers claim to have fully integrated CI/CD pipelines within their organizations. This number should be higher given the immense benefits offered by these pipelines. Mobile app developers leveraging this technology can identify bugs long before the app reaches production. 50% of workflow failures occurring within an hour or less. By adopting CI/CD, developers can provide seamless mobile experiences. This surpass evolving customer expectations and release improvements at a faster pace. Consequently, this translates into higher ratings and more engaged customers.

Conclusion

Mobile CI/CD automation eliminates tedious manual tasks, freeing up developers’ mental resources to focus on creating superior apps at an accelerated rate. Elite developers are 3.7 times more likely to use continuous testing. They are 4.1 times more likely to adopt continuous delivery, and 5.8 times more likely to employ continuous integration if they meet their reliability targets. CI/CD simplifies maintenance and upgrades, enhances test reliability, increases developer satisfaction, boosts customer satisfaction, and reduces overall costs. The best CI/CD platforms offer cutting-edge services. These include advanced build pipeline management, release management, and support for both native and cross-platform development.

The Importance of Automating Your Mobile CI/CD Pipeline
Source: BitRise.io ]]>
591589
AWS CEO Pitches Cloud Cost Savings but Customers Not Convinced https://www.webpronews.com/aws-ceo-pitches-cloud-cost-savings-but-customers-not-convinced/ Sun, 11 Dec 2022 02:50:37 +0000 https://www.webpronews.com/?p=520603 AWS CEO Adam Selipsky is trying to convince customers that cloud computing can save them money, but many are unconvinced.

Amid an uncertain economy, companies are looking to cut costs everywhere. Selipsky is touting cloud computing as a way for companies to save money, according to Business Insider.

“When it comes to the cloud, many of our customers know they should be leaning in precisely because of economic uncertainty, not despite it. The cloud is more cost-effective,” Selipsky said, adding: “If you are looking to tighten your belt, the cloud is the place to do it.”

Despite the CEO’s confidence, many customers are not convinced that cloud costs can be kept under control. Pay-as-you-go cloud computing sounds good, but costs can quickly escalate as companies begin to scale up.

“Especially in the past month and a half, the volume of inbound calls we’re getting from startups saying, ‘We need to cut our costs dramatically’” has increased, Ken Cheney, the chief revenue officer at Ternary, told Insider. “It’s the macro conditions, right? Suddenly spending money like a drunken sailor doesn’t make sense.”

This isn’t the first time cost has come up as a concern with cloud computing. In August, Anodot’s State of Cloud Cost Report found that 50% of IT executives said it was proving difficult to control cloud costs.

Unless costs are managed carefully, it’s quite easy to lose track of what’s being used—especially for organizations with large development teams that move quickly and tend to try new things. Misconfigurations, over-provisioning, and forgotten resources that have been provisioned but abandoned are the bane of cost management for DevOps teams. Unfortunately, for many organizations, the surprise costs only show up when the monthly invoice arrives.

If companies continue to struggle with cloud computing costs, AWS and others may have their work cut out convincing customers to continue spending money.

]]>
520603
Microsoft Announces Microsoft Cloud for Sovereignty https://www.webpronews.com/microsoft-announces-microsoft-cloud-for-sovereignty/ Wed, 20 Jul 2022 01:52:27 +0000 https://www.webpronews.com/?p=517852 Microsoft is upping its efforts to target government and public sector clients and help them transition to the cloud.

Microsoft has been rolling out customized versions of its cloud platform in an effort to target specific markets. One such example is Azure Space, which the company launched in late 2020. Microsoft has now announced Microsoft Cloud for Sovereignty.

“Governments are obligated to meet specific requirements for varying data classifications including data governance, security controls, privacy of citizens, data residency, sovereign protections and compliant operations following legal regulations like the GDPR (General Data Protection Regulation),” writes Corey Sanders, Corporate Vice President, Microsoft Cloud for Industry and Global Expansion Team. “The Microsoft Cloud for Sovereignty — offering governance, security, transparency and sovereign technology — combined with strategic partners can support the digital transformation of government customers unlike any other cloud provider in the world.”

Government cloud contracts have become increasingly important to Microsoft as the company works to catch up with market leader AWS. The company acquired Impact Level 6 Pentagon certification in late 2019, giving it the ability to bid on classified contracts.

Microsoft and AWS have continued to compete with each other for lucrative government contracts, and Microsoft clearly wants to gain an advantage.

“Microsoft Cloud for Sovereignty is being built on the Microsoft public cloud to accelerate digital transformation while creating a customized experience adhering to government requirements,” Sanders adds. “Government customers will have the power of the public cloud, addressing low cost, agility and scale expectations, with the full breadth of capabilities like modern developer services, agile infrastructure, secure DevOps, open-source platforms, modern collaboration and low-code development. Additionally, Microsoft Cloud for Sovereignty customers will continue benefiting from Microsoft’s global security signals, analyzing over 24 trillion signals every day to identify and help protect against local attacks.”

The company has already been working with governments around the world to help build solutions that meet their needs.

“Institutions and critical national infrastructures need the modeling, building and management of resilient-by-design Secure National Clouds able to guarantee data integrity, availability and protection in line with country-systems guidelines,” said Gennaro Faella, Senior Vice President Innovation, Leonardo. “Thanks to our extended research and innovation capabilities we can leverage the best from Microsoft Cloud with our capabilities in the cyberspace and in protecting national assets. Our long-term collaboration comes together in a solution that helps ensure the sovereignty of data while at the same time benefiting from the innovation of the public cloud.”

Microsoft is clearly pulling out all the stops in its efforts to grow its cloud platform.

]]>
517852
Microsoft’s Netflix Formula: Promise Big and Don’t Compete https://www.webpronews.com/microsofts-netflix-formula-promise-big-and-dont-compete/ Sun, 17 Jul 2022 17:22:33 +0000 https://www.webpronews.com/?p=517788 Microsoft surprised the industry when Netflix chose the Redmond company for its advertising ambitions, but Microsoft had a winning formula.

Netflix has been working to unveil an ad-supported tier as it looks to revitalize its subscriber growth. The company turned in its first subscriber drop in nearly a decade and sees an ad-supported tier as a way to attract new customers. Google and NBCUniversal parent Comcast were seen as the front-runners to assist Netflix, but Microsoft swooped in seemingly out of nowhere to secure the contract.

According to Business Insider, there were a combination of factors that led to Microsoft’s win, not the least of which was what the company was willing to promise. Google pulled out all the stops in assembling a team that “went to the top of the company” but couldn’t meet Netflix’s expectations.

“We got feedback from Netflix that our number was underwhelming,” Insider’s source revealed.

Read more: AWS, Microsoft, and Google Account for More Than Two-Thirds of the Cloud Market

Much of the problem stemmed from Google hedging its bets over fears Netflix would eventually abandon it in favor of an in-house solution.

“This deal only made sense for Google to put the effort and reconfigurations to go to market if Netflix was going to permanently outsource it,” the source continued.

In contrast, Microsoft approached the deal with a far more optimistic view, meeting Netflix’s targets — reportedly revenue in the “billions” — and viewing the new relationship as a way to eventually poach Netflix as a cloud customer from AWS. In other words, rather than a fearing a potential loss, Microsoft saw an immediate win with the potential for a much larger one down the road.

“What I see is Netflix is testing the Azure/Microsoft waters with a feature or two first,” a Microsoft employee told Insider.

Another factor — and one that is becoming a major one for companies choosing a cloud provider — is that Microsoft doesn’t directly compete with Netflix. AWS parent Amazon has Amazon Prime, Comcast owns NBCUniversal and its Peacock streaming service, and Google owns YouTube TV.

Ultimately, when taken together, Microsoft had the right attitude, approach, and circumstances to pull off the advertising coup of the year.

]]>
517788
LAPSUS$ May Have Hacked Microsoft https://www.webpronews.com/lapsus-may-have-hacked-microsoft/ Tue, 22 Mar 2022 13:00:00 +0000 https://www.webpronews.com/?p=515954 Continuing its string of high-profile attacks, Lapsus$ may have hacked Microsoft’s code repositories.

As BleepingComputer points out, Lapsus$ operates differently than many ransomware gangs. Rather than targeting a company’s desktop machines and servers, holding them for a ransom, Lapsus$ targets companies’ code repositories. Once the group has compromised a repository, it demands a ransom in exchange for not releasing the company’s source code and intellectual property (IP) to the world.

According to BleepingComputer, the group claims it has successfully compromised Microsoft’s source code repositories, specifically its Azure DevOps server. Microsoft has not been able to confirm the claims, but is investigating to see if they are true.

We will continue to monitor this story and report on any additional details.

]]>
515954
5 Ways to Keep Your Business Data Secure in the Cloud https://www.webpronews.com/keep-your-business-data-secure/ Tue, 02 Nov 2021 10:42:45 +0000 https://www.webpronews.com/?p=512758 Storing, organizing, and managing your business’s data is no easy task, yet companies of all sizes and in all industries require this service. Because maintaining your own storage repository would require an immense amount of work and lots of money, most businesses opt to store their data in the cloud. For instance, an increasing number of businesses are choosing Amazon Simple Storage Service (also known as Amazon S3) for safe and secure storage that is easily accessible.

For the most part, any quality cloud storage service from big names like Amazon, Microsoft, or Google is going to be fairly safe. At the same time, there are always precautions that should be taken by businesses to further secure their information because once it’s lost, it may be gone forever. Data breaches by cyber hackers are becoming increasingly common, and it’s often up to you to prevent them — or at least be able to identify them and act quickly.

Whether you’ve only recently started thinking about moving your data storage to the cloud or you’ve been storing your data there for years, use the following tips to provide yourself with even more security and peace of mind.

1. Have your files encrypted

Most cloud service providers will offer encryption services as part of their storage package deals. In this way, companies like Amazon and Microsoft can actually keep your files encrypted both during storage and while your files are in transit.

Still, you’ve got to look out for your own data. For this reason, you might consider going with an encryption service from a third party. This allows you to encrypt your own data separately from the encryption method used by your cloud vendor. That way, if your cloud vendor ever endures a security breach, your files will still be encrypted through the third-party service you used.

2. Back up your files frequently

Again, most cloud storage systems will do this for you, but if you want an extra layer of protection, you can also back up your files on your own or change the settings on your storage system so that they back up more frequently.

3. Learn the best practices for your particular mode of storage

The three big cloud storage companies — Amazon, Microsoft, and Google — have their own best practices for maintaining the safe storage of your data.

If you store your data in Amazon S3 buckets, for example, Amazon has specific recommendations you can follow. Microsoft Azure and Google Cloud Storage have their own specified security instructions as well. Learn and follow these protocols, and you’ll be adding extra layers of protection to your data storage setup.

4. Keep your staff in the know

Whenever you change your security protocol concerning data storage, be sure to inform your staff with comprehensive training. Keep them abreast of changes in password procedures, file encryption methods, and most of all, hacking tactics.

This last one is important. Hackers like to target lower-level employees at companies when they are seeking access to your data. This is because lower-level employees tend not to know as much about malware attacks, phishing schemes, and other hacking tactics.

If a hacker sends a phishing email to one of your employees, it’s possible they may open it and grant system access to that hacker. Why wouldn’t they? If they’re not trained in these measures, they can’t know what to look out for and be wary of.

5. Understand the importance of a good password

Many people use passwords on a daily basis, but in reality, not many understand their real importance. This is why people tend to use the same passwords over and over, or they use passwords like their street numbers and address or their dog’s name followed by 123.

It should go without saying that these are not good passwords, and they should be avoided.

The truth is, whenever you need to make a password for an account, it should be unique; it should include numbers, letters, and symbols; and it should not make sense. For this last one, what we mean is that your dog’s name and the street you live on are not good passwords. Make it bizarre and unintelligible.

Furthermore, remember to change your passwords frequently. All of these guidelines should go for all of the passwords that you and your employees use.

The general consensus among IT experts is that cloud computing is safe and secure. It’s the best practice for storing your data because it’s inexpensive, scalable, convenient, and overall secure. Still, as with most things in life, it’s important that you also be proactive — especially when it comes to the safety of your company’s data.

Don’t just rely on Amazon, Microsoft, or Google to take care of everything. The tips above will help keep your information even more secure.

]]>
512758
Aisera Partners With Microsoft to Deliver AI Service Desk Solutions https://www.webpronews.com/aisera-partners-with-microsoft-to-deliver-ai-service-desk-solutions/ Wed, 21 Jul 2021 18:23:45 +0000 https://www.webpronews.com/?p=511273 Aisera has become member of the Microsoft for Startups program, partnering with Microsoft to deliver AI-based service desk solutions.

Aisera specializes next-gen AI service desks, automating requests, tickets and operations for customer service, DevOps, HR and IT. Aisera’s platform uses conversational AI and natural language processing to help deliver personalized experiences and reduce costs and resolution times.

The companies will offer AI Service Desk on Azure, as well as AI Service Desk on Teams. 

“Being a part of the Microsoft for Startups program is another proud moment for Aisera as we continue an era of explosive growth of the company having recently announcing a new round of funding, new customers including Dartmouth College, and exciting new integrations and partnerships that empower our enterprise-focused end-to-end automation services,” said Muddu Sudhakar, founder and CEO of Aisera. “With the support of Microsoft as a key growth partner, we are prepared to take the next step in enhancing Aisera’s services, increasing our offerings and raising our auto-resolution rates for our enterprise customers.”

“The Microsoft for Startups program was started with the goal of assisting innovative startups, like Aisera, to escalate their growth so they can reach the enterprise businesses that need their solutions,” said Jeffrey Ma, Vice President, Microsoft for Startups. “It’s clear that Aisera will be another success story for the Microsoft for Startups program and we look forward to working alongside their team to make that happen.”

]]>
511273
Goldman Sachs: Microsoft Could Climb 38% https://www.webpronews.com/goldman-sachs-microsoft-could-climb-38/ Tue, 09 Mar 2021 17:37:46 +0000 https://www.webpronews.com/?p=509730

Goldman Sachs has added Microsoft to its “Conviction List,” touting “sustained double-digit” revenue growth.

Microsoft is currently the second-place cloud company, behind AWS. Nonetheless, the company is seen as being in a particularly strong position, thanks to its legacy business and potential to help its clients move to the cloud.

According to Business Insider, Goldman Sachs is now calling for a $315 price target on Microsoft’s stock, a 38% increase over Monday’s close. Goldman highlighted the company’s cloud potential, saying Microsoft is “well-positioned to capitalize on a number of long-term secular trends, including public cloud and SaaS adoption, digital transformation, AI/ML, BI/analytics, and DevOps (amongst others).”

Microsoft has been one of the biggest winners during the pandemic, with a majority of polled companies planning on increasing their Azure and Microsoft SaaS spending. In fact, a higher percentage of respondents planned on increasing their spending on Microsoft, as opposed to those planning on increasing their AWS spending.

Wedbush recently raised their own target from $260 to $270, while acknowledging a bull-case possibility of $300 a share. It appears Goldman Sachs is a even more bullish with their $315 target.

]]>
509730
IBM Acquiring Instana As It Focuses On Hybrid Cloud and AI https://www.webpronews.com/ibm-acquiring-instana/ Mon, 23 Nov 2020 18:52:53 +0000 https://www.webpronews.com/?p=506244 IBM has announced it is acquiring applications performance monitoring (APM) company Instana to aid in its hybrid cloud and AI strategy.

IBM made headlines in October when it announced its plans to split itself into two companies. The legacy business will be split into a new company, while the core IBM doubles down on hybrid cloud and AI services.

To assist in those goals, the company is now acquiring Instana, a startup that uses AI to help companies monitor the performance of cloud apps and services. The startup’s platform is a natural fit for IBM’s newfound focus.

“Our clients today are faced with managing a complex technology landscape filled with mission-critical applications and data that are running across a variety of hybrid cloud environments – from public clouds, private clouds and on-premises,” said Rob Thomas, Senior Vice President, Cloud and Data Platform, IBM. “IBM’s acquisition of Instana is yet another important step that we are taking to provide companies with the most complete portfolio of AI-automated solutions to tackle this enormous challenge and help prevent unforeseen IT incidents that can cost a business in lost revenue and reputation.”

At the same time, being part of IBM will help Instana develop its service even more, becoming a dominant player in the DevOps community.

“With the added responsibility of ensuring the build and run quality of the software they develop, DevOps teams need a new generation of application performance monitoring and observability capabilities to succeed,” said Mirko Novakovic, co-founder and CEO, Instana. “Instana’s observability capabilities combined with IBM’s AI-powered automation capabilities across hybrid cloud environments will give clients a full view of their application performance to best optimize operations.”

]]>
506244