Backslash Security announced the findings of its GPT-4 developer simulation exercise, designed and conducted by the Backslash Research Team, to identify security issues associated with LLM-generated code. The Backslash platform offers several core capabilities that address growing security concerns around AI-generated code, including open source code reachability analysis and phantom package visibility capabilities.
“This year was unlike any other that we have witnessed with a significant shift in organizations’ technology priorities, in part as a result of the COVID-19 pandemic,” said Bruno Kurtic, founding VP of Strategy and Solutions at Sumo Logic. “This continued acceleration to digital further fueled key trends including multi-cloud adoption, an expanding threat landscape, and the need for improved collaboration across DevSecOps, as companies quickly made changes to adapt to new business demands. The need for continuous intelligence is even more critical as digital businesses require real-time analytics in order to deliver high performance, highly scalable, always-on digital services to speed decision making and drive the best customer experiences.”
The Continuous Intelligence Report: The State of Modern applications, DevSecOps and the Impact of COVID-19 from Sumo Logic provides an inside look into the state of the modern application technology stack, including changing trends in cloud and application adoption and usage by customers, and the impact of COVID-19 as an accelerant for digital transformation efforts. Key findings from the report include:
Multi-Cloud Adoption Accelerates During COVID-19 Pandemic
Amidst the COVID-19 pandemic, the adoption of modern cloud services has surged. As businesses faced upheaval, many have turned to these platforms to support new and changing ways of doing business.
■ Multi-cloud adoption grew by 70% year over year, outpacing previous 12 months that saw 50% growth.
■ Enterprises are increasingly turning to modern cloud platforms such as Amazon Web Services (AWS), Microsoft Azure, and Google Cloud Platform (GCP), to deliver high quality and secure applications to their customers.
Modern Cloud Architectures Become a Reality
As more enterprises become dependent on the cloud, they’re shifting to a more "modern architecture." This transition focuses on an application stack that consists of new tiers, technologies, and microservices.
■ The typical AWS application has as many as 26 services (up from 15 last year) and is deployed across two or more regions and two or more accounts.
■ Over 40 percent of Sumo Logic’s AWS customers are using container orchestration.
■ Kubernetes is fast becoming the default app platform, with over 85% of businesses choosing Kubernetes to build and operate applications across multiple clouds.
■ Additionally, serverless architecture is continuing to grow, and AWS Lambda adoption is now at 37 percent.
Security Landscape Dramatically Shifts During COVID-19 Pandemic
The security threat landscape has changed since the start of the COVID-19 pandemic, requiring a more rigorous and adaptive security processes and solutions. Securing cloud workloads requires adoption of both cloud-native security technologies and consuming available cloud data sources.
■ The patterns of attack have changed throughout the course of the pandemic. The largest jump in attack origin came from Russia and India.
■ Based on Sumo Logic’s Global Intelligence for AWS, AWS regional centers in the US, and EU are top targets for attackers.
The WFH Era Reinforces the Need for DevSecOps to Break the Silos
The continued expectations for DevOps to improve the release and updates of apps and services has challenged siloed teams - given their remote working situations. It's important that distributed development teams leverage analytics and insights to optimize the entire end-to-end software development and delivery process and improve the continuous intelligence of their organizations.
As the modern application stack continues to be reshaped by multi-cloud, open source technologies, and factors from extenuating circumstances like COVID-19, companies need a strategy to address this growing complexity. The answer lies in continuous intelligence, a new category of software that leverages real-time analytics and insights from a single, cloud-native platform across multiple use cases to speed decision-making, and drive world-class customer experiences.
Report Methodology: The Continuous Intelligence Report: The State of Modern applications, DevSecOps and the Impact of COVID-19 includes trends and important visibility into the DevSecOps tools and solutions that are used within cloud-first organizations as they “lift and shift” or modernize and migrate existing applications. As part of the company’s Global Intelligence solution, a three-pronged offering designed to extend machine learning and insights to new teams and use cases across the growing continuous intelligence industry.Customers use Sumo Logic to manage production applications and underlying infrastructure, therefore this report provides a snapshot of the production application state and serves as a reflection of overall industry trends.
Industry News
Azul announced that Azul Intelligence Cloud, Azul’s cloud analytics solution -- which provides actionable intelligence from production Java runtime data to dramatically boost developer productivity -- now supports Oracle JDK and any OpenJDK-based JVM (Java Virtual Machine) from any vendor or distribution.
F5 announced new security offerings: F5 Distributed Cloud Services Web Application Scanning, BIG-IP Next Web Application Firewall (WAF), and NGINX App Protect for open source deployments.
Code Intelligence announced a new feature to CI Sense, a scalable fuzzing platform for continuous testing.
WSO2 is adding new capabilities for WSO2 API Manager, WSO2 API Platform for Kubernetes (WSO2 APK), and WSO2 Micro Integrator.
OpenText™ announced a solution to long-standing open source intake challenges, OpenText Debricked Open Source Select.
ThreatX has extended its Runtime API and Application Protection (RAAP) offering to provide always-active API security from development to runtime, spanning vulnerability detection at Dev phase to protection at SecOps phase of the software lifecycle.
Canonical announced the release of Ubuntu 24.04 LTS, codenamed “Noble Numbat.”
JFrog announced a new machine learning (ML) lifecycle integration between JFrog Artifactory and MLflow, an open source software platform originally developed by Databricks.
Copado announced the general availability of Test Copilot, the AI-powered test creation assistant.
SmartBear has added no-code test automation powered by GenAI to its Zephyr Scale, the solution that delivers scalable, performant test management inside Jira.
Opsera announced that two new patents have been issued for its Unified DevOps Platform, now totaling nine patents issued for the cloud-native DevOps Platform.
mabl announced the addition of mobile application testing to its platform.
Spectro Cloud announced the achievement of a new Amazon Web Services (AWS) Competency designation.
GitLab announced the general availability of GitLab Duo Chat.