GitHub brings its suite of supply chain security features to Go

Go is receiving a boost from GitHub with the company bringing its supply chain security features to the Google-designed language.

According to GitHut, Go is currently the fourth most-popular language on GitHub. The Go community embraced GitHub and now the company is returning the favour by helping them to discover, report, and prevent security vulnerabilities.

Steve Francia, Product Lead of Go Language at Google, said:

“Go was created, in part, to address the...

GDC kicks off with over 550 game dev sessions, will return as in-person event next year

This year’s Game Developers Conference (GDC) kicks off today as a virtual event with over 550 sessions on all things game development.

GDC 2021 claims to take full advantage of the possibilities offered by virtual events. Back in 2020, around COVID-19’s historic peak, GDC was one of the first large events to be cancelled.

The organisers now have successive virtual events under their belt so it will be interesting to see how they’ve utilised their experience to...

Report: Sec and DevOps split on who is responsible for software security

Solar Eclipse

IT security and development teams are divided over who is and who should be responsible for securing software, a new report from cybersecurity company Venafi has shown.

When asked who is responsible for software security at their organisations, the sample of 1,000 DevOps and Sec professionals were equally split, with 48% saying development were and 48% saying IT security were.

Of far greater concern is the divide over who should be responsible for software security. Only...

Addressing software security for financial services in 2021

Companies operating in the financial services arena today must adhere to a whole host of complex regulatory standards, which makes perfect sense given both the assets and information managed by such firms are valuable and sensitive, and as a result, highly targeted by sophisticated cyber attackers daily.

Compounding these challenges is the large volume of personally identifiable information (PII) that such organisations handle too, which is subject to a plethora of industry...

Thousands of developers are benefiting from OS Data Hub one year after launch

Ordnance Survey has provided an update on its OS Data Hub one year after its initial launch on 1 July 2020.

OS Data Hub provides developers with the organisation’s renowned open and premium mapping data through a suite of APIs.

Charley Glynn, OS API Product Manager, said:

“For those developers that will be searching for a map API or an address API, they are more likely to land on our pages now and discover the OS Data Hub. It is a much nicer shop window...

APImetrics launches premium API performance monitoring service

APImetrics has launched a premium version of API.expert, a service that monitors over 2000 APIs across many vertical markets.

The service is $100 per year and enables developers to keep track of the performance from mainstream API providers such as Netflix, Slack, and Microsoft, to more specialist and smaller vendors.

David O'Neill, CEO of APImetrics, said;

“APIs have become an essential part of the tech landscape, with more and more critical and essential...

Windows 11’s app store supports Android apps, enables devs to keep 100% of profits

Microsoft has unveiled Windows 11 along with a new app store that supports Android apps and enables devs to keep all of their profits.

Windows’ built-in app store has never exactly been a huge success when compared to those of Apple and Google. Microsoft has made several attempts over the years to give its app store a jumpstart – including giving developers up to a 95 percent cut of profits instead of the 70 percent that has long been the industry norm – but it’s never...

65% of companies are concerned about the wellbeing of developers

Research conducted by Forrester Consulting has found that a majority of companies are concerned about the wellbeing of developers.

The research, commissioned by The Qt Company, also highlighted that 75 percent of connected device manufacturers are finding the demand for skills is outstripping supply.

“All too often native development for individual chipsets leads to isolated pockets of skills that are hard to transfer to new platforms,” said Marko Kaasila, SVP of...

Google’s latest framework aims to prevent SolarWinds-like supply chain attacks

Google has unveiled a new framework called Supply chain Levels for Software Artifacts, or SLSA (pronounced "salsa").

The intention of SLSA is to help prevent the growing number of devastating supply chain attacks in recent years—such as the SolarWinds and CodeCov hacks.

Google describes SLSA as "an end-to-end framework for ensuring the integrity of software artifacts throughout the software supply chain."

The company says that SLSA is inspired by its own...

Programming language Coq wants to change its name for obvious reasons

Programming language Coq is looking to rebrand due to sounding like the English slang term for a certain male anatomy body part.

Coq is a dependently-typed functional programming language first created by Gérard Huet and Thierry Coquand. The development of Coq has been supported since 1984 by INRIA, École Polytechnique, University of Paris-Sud, Paris Diderot University, and CNRS.

However, the name of the language and its association with the male anatomy has supposedly...