Agile and DevOps are widely adopted by the industry. Hence, integrating security activities with industrial practices, such as continuous integration (CI) pipelines, is necessary to detect security flaws and adhere to regulators' demands early. In this paper, we analyze automated security activities in CI pipelines of enterprise-driven open source software (OSS). This shall allow us, in the long run, to better understand the extent to which security activities are (or should be) part of automated pipelines. In particular, we mine publicly available OSS repositories and survey a sample of project maintainers to better understand the role that security activities and their related tools play in their CI pipelines. To increase transparency an...
The increasing availability and deployment of open source software in personal and commercial enviro...
While many theoretical arguments against or in favor of open source and closed source software devel...
Currently, security appears to be one of the strongest sales arguments for software vendors ...
Security activities are essential for all software development projects to detect potential flaws ea...
Traditional approaches to software security are based on manual methods, which tend to stall develop...
Due to the rise of cyberattacks in IT companies, software security has become a topic for debate. Cu...
The DevOps approach to application development and the continuing shift to the ’Cloud first’ model h...
Despite the security community's emphasis on the importance of building secure open source software ...
Open-source enterprise resource planning (ERP) software has become a preferred alternative for moder...
This paper examines one aspect of quality that organizations look for when selecting software, namel...
Continuous Integration (CI) and Continuous Delivery (CD) have become a well-known practice in DevOps...
The widespread use of open-source software dependencies in software development can increase the ris...
Continuous Integration (CI) and Continuous Delivery (CD) have become a well-known practice in DevOps...
Software users have become more conscious of security. More people have access to Internet and huge ...
The last few years have shown a worldwide rise in the attention for, and actual use o...