Operations | Monitoring | ITSM | DevOps | Cloud

The latest News and Information on Continuous Integration and Development, and related technologies.

Adding value to applications using the software testing life cycle

Software testing is important enough to have its own phase in the software development life cycle (SDLC). The software testing life cycle (STLC) is a step-by-step process that improves the quality of software by applying rigorous planning and analysis to the testing process. Testing is a development tool that adds value to your team’s applications. Embracing testing as a vital component of software development can save you and your team a lot of time debugging and fixing errors in the future.

JFrog Discloses 3 Remote Access Trojans in PyPI

The JFrog Security research team continuously monitors popular open source software (OSS) repositories with our automated tooling to detect and avert potential software supply chain security threats. After validating the findings, the team reports any security vulnerabilities or malicious packages discovered to repository maintainers and the wider community.

ICYMI: Achieving Visibility in Your CI/CD Pipeline With Honeycomb + CircleCI

Before continuous integration came to be, setting up builds was no fun because the complexity and overhead involved in a release cycle was compounded by inflexible, manual processes. The release cycle was slow and often resulted in breaking changes. Continuous integration and continuous delivery (CI/CD) has changed much of that through pipelines that automate how we build and test software—today, we can deploy, have builds fail, and resolve any errors faster than ever.

Manage automated test data with the PractiTest orb

The software testing data provided by CI/CD tools is valuable, but it is not always comprehensive enough to give managers the insights they need to make improvements. To make effective business decisions, managers need visibility into the entire testing process, in a way that will help them understand what needs to be done and how.

CVE-2021-44142: Critical Samba Vulnerability Allows Remote Code Execution

Recently, a critical out-of-bounds vulnerability, assigned to CVE-2021-44142, was disclosed in Samba versions prior to 4.13.17. The Samba vulnerability carries a critical CVSS of 9.9 and allows attackers to remotely execute code on machines running a Samba server with a vulnerable configuration. The vulnerability was disclosed as part of the Pwn2Own Austin competition where researchers are challenged to exploit widely-used software and devices with unknown vulnerabilities.