Open source is great. But when it can lead to more security vulnerabilities, how much is too much? And can DevOps save us all? We go over the 2017 State of Software Security Report and see how the industry is doing.

Last month, Oracle proposed a new version numbering scheme in order to emphasize the time-based releases. Not many people liked this proposal —to put it mildly— so Mark Reinhold is now offering three alternatives. You are encouraged to communicate additional information that’s relevant to the choice of such a scheme so speak now — a specific proposal will be made in about a week.

Structured Query Language or SQL is considered the standard language for database management systems. In this article, Chirag Thumar explains the best ways for your to optimize your SQL databases for the most efficient results.

Java SE 9 was released almost a month ago and we already have Java 9 support in Eclipse Oxygen, Spring Framework 5.0, IntelliJ IDEA and more. Now Gradle has joined the club. Let’s see what this means.

Zig is a pragmatic, optimal, and safe alternative to C; it offers another alternative to those brave enough to try something new. Let’s see what it’s all about.

The CERT Division of Carnegie Mellon University’s Software Engineering Institute has published an updated list of technologies that might give us headaches in the security department. Both machine learning and blockchain have made the cut but that’s actually not a comforting thought, especially since the former is one of the three domains that must be considered high priority for outreach and analysis in 2017.

Angular 5 is almost upon us — We’re getting there slowly but surely: rc.3 has arrived! Get ready because Angular 5 will be here before you know it.

How can you tell if a DevOps initiative is successful? What do teams need in order to collect and view information from DevOps tools along the pipeline and how can we make the process easier? We talked with Anders Wallgren, Chief Technology Officer at Electric Cloud about how to simplify the process, how important are well-defined metrics to the success of a DevOps strategy and more.

Internet of Things(IoT) and big data are closely intertwined and although they are not the same thing, it is very hard to talk about one without the other. Before we analyze their connection, let us take a much closer look at these two practices.

The Docker platform and Moby Project are integrating support for Kubernetes. As of now (you can register for beta access here), developers and operators can build apps with Docker and seamlessly test and deploy them using both Docker Swarm and Kubernetes.

We’ve been talking about the advantages blockchain brings to the finance industry but how about cybersecurity? Blockchain is revolutionizing multiple industries including cybersecurity but one question lingers: *how* can this technology help fight cyber attacks? We talked with Floyd DCosta, co-founder at Block Armour about the role the technology behind Bitcoin plays in blocking (if possible) cyber attacks.

MicroProfile Config is a solution to externalize configuration from microservices. Why even bother with configuration? In this article, Emily Jiang of IBM explains why you shouldn’t skip this crucial step and how you can use it.

The Equifax hack that exposed nearly half of all Americans is going to happen again. It’s only a matter of time. And it’s all because developers are too busy to deal with pull requests.

HashiCorp Consul 1.0 is here! It’s been three years since the initial release and now the tool “has hit a threshold of broad usage, feature richness, and operational maturity,” according to the official announcement.