Tag Archives: static code analysis

Better Static Code Analysis and Security Scans

I was listening to a talk from Stefan Simenon on their CI/CD transformation within ABN AMRO, a large financial company. One of the interesting things he noted was that they consider open source to be less secure, possibly with more vulnerabilities …

Posted in Editorial

Trust But Verify

Npm is the default package manager for the Node.js runtime. Most of us have heard of JavaScript, which is used extensively in writing applications. When developers write code using this framework, they often include code from other packages and developers, just …

Posted in Editorial