Power(Shell) to the people
Type less, write cleaner scripts, run consistently across platforms, and other reasons why Linux and OS X users can fall in love with PowerShell.
Posted in Developer Enablement | Comments Off on Power(Shell) to the people
Yev Bronshteyn
Yev Bronshteyn is a senior software engineer at Black Duck by Synopsys and a member of the SPDX Working Group’s technical team. His past engineering positions include eBay and Progress Software.
Posts by Yev Bronshteyn:
4 key differences moving from Java to .NET Core, part 1
Getting started with .NET Core? If you’re exploring C#, you’ll find it borrows much from Java. Here are a few prominent differences you should be aware of as you move from Java to .NET Core.
Posted in Developer Enablement, Open Source Security | Comments Off on 4 key differences moving from Java to .NET Core, part 1
.NET component vulnerability analysis in production
At Black Duck, we’ve been excited to participate in the flurry of growth in the .NET ecosystem. Our Visual Studio Extension helps developers detect open source risks early, when it is easiest and most cost-effective to eliminate them. However, in some cases, a Visual Studio project or any build file or other composition metadata may not be available. Perhaps an application’s source code (and the component data that comes with it) has been lost. Perhaps the application was provided by a vendor who has never made the source code available in the first place. Or perhaps, in addition to scanning application dependencies, we want to include the actual production runtime in our scan. Is such component analysis possible?
Posted in Agile, CI/CD & DevOps, Software Architecture and Design | Comments Off on .NET component vulnerability analysis in production
Tackling visibility in microservices
Are modern enterprise software architectures doomed to produce suboptimal processes and outcomes? Today, enterprise architects value componentization perhaps more than ever before, given the mass glorification of microservices. Microservices are loosely defined as isolated, independent components designed to address a singular business need. Sounds great, until you consider that with this architecture, the creator(s) and the consumer(s) of any service are likely to become rigorously isolated from each other, the API boundary falling like an iron curtain between them.
Posted in Container Security, Software Architecture and Design | Comments Off on Tackling visibility in microservices
4 key differences moving from Java to .NET Core, part 1
Getting started with .NET Core? If you’re exploring C#, you’ll find it borrows much from Java. Here are a few prominent differences you should be aware of as you move from Java to .NET Core.
Posted in Developer Enablement, Open Source Security | Comments Off on 4 key differences moving from Java to .NET Core, part 1
.NET component vulnerability analysis in production
At Black Duck, we’ve been excited to participate in the flurry of growth in the .NET ecosystem. Our Visual Studio Extension helps developers detect open source risks early, when it is easiest and most cost-effective to eliminate them. However, in some cases, a Visual Studio project or any build file or other composition metadata may not be available. Perhaps an application’s source code (and the component data that comes with it) has been lost. Perhaps the application was provided by a vendor who has never made the source code available in the first place. Or perhaps, in addition to scanning application dependencies, we want to include the actual production runtime in our scan. Is such component analysis possible?
Posted in Agile, CI/CD & DevOps, Software Architecture and Design | Comments Off on .NET component vulnerability analysis in production
Tackling visibility in microservices
Are modern enterprise software architectures doomed to produce suboptimal processes and outcomes? Today, enterprise architects value componentization perhaps more than ever before, given the mass glorification of microservices. Microservices are loosely defined as isolated, independent components designed to address a singular business need. Sounds great, until you consider that with this architecture, the creator(s) and the consumer(s) of any service are likely to become rigorously isolated from each other, the API boundary falling like an iron curtain between them.
Posted in Container Security, Software Architecture and Design | Comments Off on Tackling visibility in microservices