WhiteSource one of the leaders in the Software Composition Analysis space recently released their annual report on "The State of Open Source Security Vulnerabilities".  It is chock full of good data and findings on what is the current state of open source security and how things are trending.

I had a chance to sit down with Rhys Arkins, Director, Product at WhiteSource to see what some of the highlights were. Rhys was happy to share and show us some of things you should be mindful of.

The State of Open Source Security Vulnerabilities

"DevOps Chats" by Techstrong Group, the force behind industry-leading platforms like DevOps.com, Cloud Native Now, Security Boulevard, Techstrong.ai, DigitalCxO, and Techstrong.TV, is your premier destination for all things DevOps. Hosted by industry veterans Alan Shimel and Mitchell Ashley, this podcast series delves deep into the world of DevOps, bringing you the latest trends, innovative strategies, and insightful discussions that matter.

Each episode of "DevOps Chat" is a journey through the evolving landscape of DevOps, featuring interviews with thought leaders, practitioners, and change-makers who are shaping the future of technology. Whether you're a developer, operations professional, IT leader, or tech enthusiast, Alan and Mitchell ensure you stay informed, engaged, and ahead of the curve.

From continuous integration and delivery to cloud-native development and cybersecurity, "DevOps Chat" covers the spectrum, offering valuable lessons, expert advice, and engaging stories. Tune in to explore how DevOps principles and practices are transforming the tech industry, driving efficiency, enhancing security, and fostering innovation.

Join us at "DevOps Chat" for your regular dose of DevOps insights, inspiration, and community. It's not just a podcast; it's your gateway to the forefront of the DevOps movement. Subscribe now and be part of the conversation that's setting the pace for the future of technology.

Technology

Tech News

Podcasting

Gadgets

Software How-To

Alan and Mitch discuss several AI and DevOps topics, including the debate of whether DevOps failed us or if platform engineering is ignoring history; Tabnine is a Microsoft copilot alternative to generate code ; and does your Gen AI get mentally stuck on one path of thinking.

Reference Links: 

Tabnine:
https://devops.com/tabnine-extends-gen-ai-platform-for-writing-code-to-multiple-llms

AI:
https://devops.com/your-ai-might-be-lying-to-you

DevOps Platform Debate, Copilot Alternative and Did your AI lose its mind

Alan and Mitch discuss whether platform engineering will be "the game changer" some predict will happen in 2024, the evolution of CI/CD frameworks (ArgoCD, Tekton), and Mitch's interview with Cole Kennedy, TestifySec CEO, about securing software from source to production.

Links Referenced in Podcast:

https://devops.com/platform-engineering-the-2024-game-changer-in-tech
https://devops.com/driving-the-devops-evolution-argocd-tekton-and-seamless-migrations https://techstrong.tv/videos/interviews/securing-source-to-production-with-testifysecs-cole-kennedy

Platform Engineering in 2024, CI/CD Frameworks and Securing Source to Production

Alan and Mitch debate whether AI can make "no shift" vs. shift left a viable future testing software in production, the "five great DevOps job opportunities" series on DevOps.com, TabNine generative AI testing platform now adds your code into the LLM to generate tests and whether DevOps should be open-ended or have an end goal.

Links Referenced in Podcast:
https://devops.com/forget-shift-left-why-no-shift-is-the-future-of-software-innovation/
https://devops.com/five-great-devops-job-opportunities-77/
https://devops.com/tabnine-extends-generative-ai-testing-platform-by-embracing-rag/
https://devops.com/devops-whats-the-end-goal/

No No-Shift, DevOps Jobs, AI Tests Your Code, DevOps End Goal

In this episode of DevOps Chats, Alan and Mitch dive deep into the heart of DevOps. After 12 years of DevOps evolution, we're asking the big question: How has our investment in DevOps paved the way for organizational success in the years to come? This segment promises a thought-provoking look at the achievements, challenges, and road ahead for DevOps enthusiasts. They discuss DevOps insights expected to be part of the upcoming Techstrong Research "DevOps Next" report. 

They also share Mitch's interview with Ben Potter, Head of Product at Coder, where he sheds light on the game-changing world of cloud development environments.

Whether you're a DevOps veteran or new to the scene, this episode has insights and stories that will enrich your understanding and spark your imagination. Join us as we explore the cutting edge of DevOps and cloud development only on DevOps Chats.

Links Referenced in Podcast:
 https://techstrong.tv/videos/interviews/cloud-dev-environments-coder-ben-potter

DevOps Past, Present, Future and Cloud Development Environments

Mitch and Alan discuss Dagger's Solomon Hyke interview on modernizing DevOps pipelines the current realities of open source, the growth in software supply chain attacks and the value of doing smaller code reviews.

Links Referenced in Podcast:

https://devclass.com/2024/02/12/from-docker-to-dagger-solomon-hykes-on-modernisation-of-the-devops-pipeline/

https://devops.com/the-practicalities-of-open-sourcing

https://devops.com/survey-cyberattacks-aimed-at-software-supply-chains-are-pervasive

https://devops.com/improve-efficiency-with-smaller-code-reviews

The State of Open Source Security Vulnerabilities

Download our free app to listen on your phone