New Tech Forum

Why openness always matters

Proprietary software isn’t evil, but open source is a remarkable force for good. The transparent, community-driven approach to development is driving innovation in every industry today.

Most reported CVEs for Docker Hub images are harmless

JFrog used Xray Container Contextual Analysis to scan the 200 most popular community images in Docker Hub, then tallied the results for the 10 most common CVEs. 78% were not exploitable.

Public package repos expose thousands of API security tokens—and they’re active

JFrog’s new Xray Secrets Detection uncovered active access tokens in popular open-source software registries including Docker, npm, and PyPI. Here are our findings and takeaways.

How intelligent automation changes CI/CD

A new paradigm for continuous delivery is emerging that enables it to serve as the foundation for improving devops and increasing development productivity.

Why CIOs should make the leap to Flutter now

Despite the duopoly of the current app marketplace, businesses should not be maintaining two development teams. Flutter and cross-platform apps are the future.

Why developers hold the key to cloud security

Developer-first security is the future in the cloud. Because the responsibility for cloud security rests with developers and devops teams, not IT security.

The ever-widening world of Wasm

Bringing WebAssembly and OCI containers together could enable us to run the same container image on any hardware or operating system we want—wherever it runs best, fastest, or cheapest.

5 steps to lower Kubernetes costs

Granular visibility can help enterprises keep cloud costs in check. Follow these best practices when using monitoring methods to control Kubernetes-related spending.

A vision for making open source more equitable and secure

An immutable package registry on the blockchain offers an opportunity for fairly compensating open source developers based on their contributions.

An AI alternative to code search tools

COBOL Colleague uses symbolic machine learning and static analysis to help developers understand and maintain COBOL source code. The same technology could be applied to other programming languages.

The benefits and challenges of event-driven architecture

Event-driven architecture allows developers to create powerful, real-time digital experiences. Ably’s edge messaging platform helps them deliver these experiences at scale.

Why Apache Iceberg will rule data in the cloud

Apache Iceberg is an open table format that offers scalability, usability, and performance advantages for very large data sets. Here are five reasons Iceberg is optimal for cloud data workloads.

Why edge computing matters for modern software development

The next stage of cloud computing brings computing power closer to users, paving the way to better user experiences and more intelligent applications.

Why devops needs a better approach to cloud networking

A full-stack networking platform with machine learning, autonomous capabilities, and multicloud support allows devops engineers to focus on what matters most—building applications.

Partitioning for performance in a sharding database system

Partitioning can provide a number of benefits to a sharding system, including faster query execution. Let’s see how it works.

Why database design choices matter to developers

Rather than punt database design decisions to a cloud service or third-party provider, understand what you want to achieve and how best to deliver on that goal.

7 biggest Kubernetes security mistakes

The most dangerous security holes are often the most basic. Start improving your Kubernetes security posture by fixing these simple mistakes.

How we’ll solve software supply chain security

Security teams need a standard set of processes for locking down roots of trust for software artifacts, and developers need a clear path to balance open source selection against security policies. Open source has answers.

Software developers have a supply chain security problem

Every day, software developers implicitly trust software packages, container images, dependency maintainers, repository operators, and build systems that we don’t know anything about. It’s the opposite of Zero Trust.

5 tips for writing better API documentation

Great API documentation is essential to a good developer experience. But your documentation should be great for non-developers too.