Do you spend hours manually running build scripts and deploying applications to servers each day? If so, you should consider using Jenkins to automate your development process. Jenkins is a powerful open-source tool that can help you speed up the deployment of new code changes to production environments. With Jenkins, you can automate the build and push of a Docker image to the Docker hub. This will save time on your end as well!

Jenkins is a powerful open-source tool that can help you automate your development process. It is written in Java and has a rich plugin ecosystem that integrates with the most popular software development tools. Some of its key features include:

If you want to get started with Jenkins and begin automating your development process, there are a few things you need to do.

First, you need to install Jenkins on your server. You can do this by downloading the latest version of Jenkins from the official website (link below).

Once you have installed Jenkins, you need to create a new job. To do this, click on the New Item link in the left-hand navigation menu.

On the job configuration page, you need to specify the following:

Once you have saved your job, Jenkins will begin automatically building your code and deploying it to your production environment.

You can view the status of your builds by going to the Build History page in the left-hand navigation menu.

Follow this link:

Jenkins: The Ultimate Guide to Automating Your Development Process - Techstry

Imagine that youre hiking, and you encounter an odd-looking winged bug thats almost bird-like. If you open the Seek app by iNaturalist and point it at the mystery critter, the camera screen will inform you that what youre looking at is called a hummingbird clearwing, a type of moth active during the day. In a sense, the Seek app works a lot like Pokmon Go, the popular augmented reality game from 2016 that had users searching outdoors for elusive fictional critters to capture.

Launched in 2018, Seek has a similar feel. Except when users point their camera to their surroundings, instead of encountering a Bulbasaur or a Butterfree, they might encounter real world plant bulbs and butterflies that their camera identifies in real-time. Users can learn about the types of plants and animals they come across, and can collect badges for finding different species, like reptiles, insects, birds, plants, and mushrooms.

How iNaturalist can correctly recognize (most of the time, at least) different living organisms is thanks to a machine-learning model that works off of data collected by its original app, which first debuted in 2008 and is simply called iNaturalist. Its goal is to help people connect to the richly animated natural world around them.

The iNaturalist platform, which boasts around 2 million users, is a mashup of social networking and citizen science where people can observe, document, share, discuss, learn more about nature, and create data for science and conservation. Outside of taking photos, the iNaturalist app has extended capabilities compared to the gamified Seek. It has a news tab, local wildlife guides, and organizations can also use the platform to host data collection projects that focus on certain areas or certain species of interest.

When new users join iNaturalist, theyre prompted to check a box that allows them to share their data with scientists (although you can still join if you dont check the box). Images and information about their location that users agree to share are tagged with a creative commons license, otherwise, its held under an all-rights reserved license. About 70 percent of the apps data on the platform is classified as creative commons. You can think of iNaturalist as this big open data pipe that just goes out there into the scientific community and is used by scientists in many ways that were totally surprised by, says Scott Loarie, co-director of iNaturalist.

This means that every time a user logs or photographs an animal, plant, or other organism, that becomes a data point thats streamed to a hub in the Amazon Web Services cloud. Its one out of over 300 datasets in the AWS open data registry. Currently, the hub for iNaturalist holds around 160 terabytes of images. The data collection is updated regularly and open for anyone to find and use. iNaturalists dataset is also part of the Global Biodiversity Information Facility, which brings together open datasets from around the world.

iNaturalists Seek is a great example of an organization doing something interesting and otherwise impossible without a large, open dataset. These kinds of datasets are both a hallmark and a driving force of scientific research in the information age, a period defined by the widespread use of powerful computers. They have become a new lens through which scientists view the world around us, and have enabled the creation of tools that also make science accessible to the public.

[Related: Your Flickr photos could help scientists keep tabs on wildlife]

iNaturalists machine learning model, for one, can help its users identify around 60,000 different species. Theres two million species living around the world, weve observed about one-sixth of them with at least one data point and one photo, says Loarie. But in order to do any sort of modeling or real synthesis or insight, you need about 100 data points [per species]. The teams goal is to have 2 million species represented. But that means they need more data and more users. Theyre trying to create new tools, as well, that help them spot weird data, correct errors, or even identify emerging invasive species. This goes along with open data. The best way to promote it is to get as little friction as possible in the movement of the data and the tools to access it, he adds.

Loarie believes that sharing data, software code, and ideas more openly can create further opportunities for science to advance. My background is in academia. When I was doing it, it was very much this publish or perish, your data stays on your laptop, and you hope no one else steals your data or scoops you [mindset], he says. One of the things thats really cool to see is how much more collaborative science has gotten over the last few decades. You can do science so much faster and at such bigger scales if youre more collaborative with it. And I think journals and institutions are becoming more amenable to it.

Over the last decade, open datadata that can be used, adapted, and shared by anyonehas been a boon in the scientific community, riding on a growing trend of more open science. Open science means that any raw data, analysis software, algorithms, papers, documents used in a project are shared early as part of the scientific process. In theory, this would make studies easier to reproduce.

In fact, many governments organizations and city offices are releasing open datasets to the public. A 2012 law requires New York City to share all of its non-confidential data collected by various agencies for city operation through an accessible web portal. In early spring, NYC hosts an open data week highlighting datasets and research that has used them. A central team at the Office of Technology and Information, along with data coordinators from each agency, helps establish standards and best practices, and maintain and manage the infrastructure for the open data program. But for researchers who want to outsource their data infrastructure, places like Amazon and CERN offer services to help organize and manage data.

[Related: The Ten Most Amazing Databases in the World]

This push towards open science was greatly accelerated during the recent COVID-19 pandemic, during which an unprecedented amount of discoveries were shared near-instantaneously for COVID-related research and equipment designs. Scientists rapidly publicized genetic information on the virus, which aided in vaccine development efforts.

If the folks who had done the sequencing had held it and guarded it, it wouldve slowed the whole process down, says John Durant, a science historian and director of the MIT Museum.

The move to open data is partly about trying to ensure transparency and reliability, he adds. How are you going to be confident that results being reported are reliable if they come out of a dataset you cant see, or an algorithmic process you cant explain, or a statistical analysis that you dont really understand? Then its very hard to have confidence in the results.

Open data cannot exist without lots and lots of data in the first place. In this glorious age of big data, this is an opportunity. From the time when I trained in biology, way back, you were using traditional techniques, the amount of information you hadthey were quite important, but they were small, says Durant. But today, you can generate information on an almost bewildering scale. Our ability to collect and accrue data has increased exponentially in the last few decades thanks to better computers, smarter software, and cheaper sensors.

A big dataset is almost like a universe of its own, Durant says. It has a potentially infinite number of internal mathematical features, correlations, and you can go fishing in this until you find something that looks interesting. Having the dataset open to the public means that different researchers can derive all kinds of insights from varying perspectives that deviate from the original intention for the data.

All sorts of new disciplines, or sub-discipline have emerged in the last few years which are derived from a change in the role of data, he adds, with data scientists and bioinformaticians as just two out of numerous examples. There are whole branches of science that are now sort of meta-scientific, where people dont actually collect data, but they go into a number of datasets and look for higher level generalizations.

Many of the traditional fields have also undergone technological revamps. Take the environmental sciences. If you want to cover more ground, more species, over a longer period of time, that becomes intractable for one person to manage without using technology tools or collaboration tools, says Loarie. That definitely pushed the ecology field more into the technical space. Im sure every field has a similar story like that.

[Related: Project Icarus is creating a living map of Earths animals]

But with an ever-growing amount of data, our ability to wrangle these numbers and stats manually becomes virtually impossible. You would only be able to handle these quantities of data using very advanced computing techniques. This is part of the scientific world we live in today, Durant adds.

Thats where machine learning algorithms come in. These are software or computer commands that can calculate statistical relationships in the data. Simple algorithms using limited amounts of data are still fairly comprehensive. If the computer makes an error, you can likely trace back to where the error occurred in the calculation. And if these are open source, then other scientists can look at the code instructions to see how the computer got the output from the input. But more often than not, AI algorithms are described as a black box, meaning that the researchers who created it dont even fully understand whats going on inside and how the machine is arriving at the decision its making. And that can lead to harmful biases.

This is one of the core challenges that the field faces. Algorithmic bias is a product of an age where we are using big data systems in ways that we do or sometimes dont fully have control over, or fully know and understand the implications of, Durant says. This is where making data and code open can help.

[Related: Artificial intelligence is everywhere now. This report shows how we got here.]

Another problem that researchers have to consider is maintaining the quality of big datasets, which can impinge on the effectiveness of analytics tools. This is where the peer-review process plays an important role. Loarie has observed that the field of data and computer science moves incredibly fast with publishing and getting findings out on the internet whether its through preprints, electronic conference papers, or some other form. I do think that the one thing that the electronic version of science struggles with is how to scale the peer-review process, which keeps misinformation at bay, he says. This kind of peer review is important, for example, in iNaturalists data processing, too. Loarie notes that although the quality of data from iNaturalist as a whole is very high, theres still a small amount of misinformation they have to check through community management.

Lastly, having science that is open creates a whole set of questions around how funding and incentives might changean issue that experts have been actively exploring. Storing huge amounts of data certainly is not free.

What people dont think about, that for us is almost more important, is that to move data around the internet, theres bandwidth charges, Loarie says. So, if someone were to download a million photos from the iNaturalist open data bucket, and wanted to do an analysis of it, just downloading that data incurs charges.

iNaturalist is a small nonprofit thats part of the California Academy of Sciences and National Geographic Society. Thats where Amazon is helping. The AWS Open Data Sponsorship Program, launched in 2009, covers the cost of storage and the bandwidth charges for datasets it deems of high value to user communities, Maggie Carter, global lead of AWS Global Social Impact says in an email. They also provide the computer codes needed to access the data and send out notifications when datasets are updated. Currently, they sponsor around 300 datasets through this program ranging from audio recordings of rainforests and whales to satellite imagery to DNA sequences to US Census data.

At a time where big data centers are getting closely scrutinized for their energy use, Amazon sees a centralized open data hub as more energy-efficient compared to everyone in the program hosting their own local storage infrastructure. We see natural efficiencies with an open data model. The whole premise of the AWS Open Data program is to store the data once, and then have everyone work on top of that one authoritative dataset. This means less duplicate data that needs to be stored elsewhere, Carter says, which she claims can result in a lower overall carbon footprint. Additionally, AWS is trying to run their operations with 100 percent renewable energy by 2025.

Despite challenges, Loarie thinks that useful and applicable data should be shared whenever possible. Many other scientists are onboard with this idea. Another platform from Cornell University, ebird, uses citizen science efforts as well to accrue open data for the scientific communityebird data has also translated back to tools for its users, like bird song ID that aims to make it easier and more engaging to interact with wildlife in nature. Outside of citizen science, some researchers, like those working to establish a Global Library of Underwater Biological Sound, are seeking to pool professionally collected data from several institutions and research groups together into a massive open dataset.

A lot of people hold onto data, and they hold onto proprietary algorithms, because they think thats the key to getting the revenue and the recognition thats going to help their program be sustainable, says Loarie. I think all of us who are involved in the open data world, were kinda taking a leap of faith that the advantages of this outweigh the cost.

Excerpt from:

Open data is a blessing for sciencebut it comes with its own curses - Popular Science

The Sell Sider is a column written by the sell side of the digital media community.

Todays column is written by Lukasz Wlodarczyk, VP of programmatic ecosystem growth and innovation at RTB House.

Google and Meta (formerly Facebook) have come under fire for a secret agreement known as Jedi Blue. Back in 2018, Google allegedly promised Facebook preferential treatment in ad exchange auctions in return for Facebook withdrawing its support for header-bidding auction solutions, which directly competed with Googles own.

Google has never had a warm relationship with header-bidding solutions. Indeed, Google implemented Exchange Bidding in Dynamic Allocation (EBDA), also known as open bidding, which became a server side competitor to header bidding.

Now, a key proposal from Google Chromes Privacy Sandbox, FLEDGE, presents an opportunity for a more transparent process. Moving two-level auctions to the browser seems perfect for client-side auctions, just like the header-bidding solutions that publishers like. However, there are concerns around whether the FLEDGE proposals will treat all supply-side platforms (SSPs) equally in programmatic auctions within Googles marketplace.

In theory, the FLEDGE proposal offers a solution comparing all bidding partners on a level playing field, similar to how todays header-bidding solutions work. However, there are question marks around whether this is the path that the Google Ad Manager team will choose to go down.

Can Google play fairly?

Current header-bidding solutions are a work-around to allow external demand to compete in Google Ad Manager. Header-bidding demand is transparent and easily auditable in a browser. The logic to select from that demand is governed by an open-source consortium and configured by the publisher. As a result, the header-bidding auction is auditable by the publisher and auction participants.

However, as it stands, the header-bidding auction winner is passed into Google Ad Manager so that it can compete in an (opaque) ad server auction. Google Ad Manager performs the final ad selection, choosing between header-bidding demand and Google Ad Exchange demand. This leads to accusations that Google sometimes unfairly favors its own demand during auctions.

In the future, will Google try to retain its position of top-level auctioneer? Theres no straightforward answer yet.

Industry experts like Joel Meyer, chief architect at OpenX, and Aram Zucker-Scharff, engineering lead for privacy and security compliance at The Washington Post, all agree that transparency of auctions and equal treatment of all market participants should be a top priority for Google. And Google has already shown its willingness to adapt its proposals based on the feedback of the global ad tech community.

But the debate surrounding the future of ad auctions is still a live one.

A more level playing field

To move forward, the industry needs an independent top-level auction handler (independent from a specific ad server) that will guarantee a level playing field for advertisers, DSPs, SSPs and publishers. The auction should be equal for all participants.

There is no specific reason why Google Ad Manager should fill the role of top-level auctioneer. It could just as likely participate in component auctions on an equal footing with other SSPs. Other entities be it the SSPs or, for example, Prebid should be just as capable of taking the role of top-level auctioneer.

The Prebid model as an open-source code is desirable due to its impartiality. An impartial top-level auctioneer would allow publishers and buyers to transact openly and fairly, with assurances that no party is preferred a statement that can be audited in an open codebase if needed. Support from the Prebid community and open Prebid model would guarantee higher adoption, better trust and broader support from publishers and ad tech vendors in the origin trials. This would lead to a multi-SSP auction landscape, which could deliver real benefits for the entire digital ad ecosystem.

Under this model, Google Authorized Buyers would participate in component auctions equally with other SSPs and have no way to skip bids directly to the top-level auction. Likewise, Google would not have any means to create artificial technical blocks to other SSPs willing to participate directly in FLEDGE auctions, which would, in turn, incentivize them to participate via EBDA (open bidding).

Publishers and their vendors should also have the technical means to compare demand in GAM without using EBDA.

Developing a solution based on these proposals will lay the foundation for a more transparent and equal playing field for the entire industry to the benefit of everyone.

Follow RTB House (@RTBHouse) and AdExchanger (@adexchanger) on Twitter.

Original post:

When It Comes To Header Bidding, Will Google Play Fair With FLEDGE? - AdExchanger

Synopsys Consistently Placed Highest in Ability to Execute and Completeness of Vision Four Years in a Row

MOUNTAIN VIEW, Calif., April 21, 2022 /PRNewswire/ -- Synopsys, Inc. (Nasdaq: SNPS), today announced it has been named by Gartner, Inc. as a Leader in the "Magic Quadrant for Application Security Testing" for the sixth consecutive year.1 In the report, Gartner evaluated 14 application security testing vendors based on their Completeness of Vision and Ability to Execute. Synopsys placed highest in Ability to Execute and Completeness of Vision for the fourth year in a row.

As the speed and complexity of development increases and the occurrence of high-impact application security breaches becomes more frequent, security and development teams are looking to integrate and automate security testing as part of their software development activities.

According to the authors of the report, "Gartner continues to observe that the major driver in the evolution of the AST market is the need to support enterprise DevSecOps and cloud-native application initiatives. Customers require offerings that provide high-assurance, high-value findings, while not unnecessarily slowing down development efforts. Clients expect offerings to fit earlier into the development process, with testing often driven by developers, rather than security specialists. As a result, this market evaluation focuses heavily on the buyer's needs involving support of rapid and accurate testing for various application types, capable of integration in an increasingly automated fashion throughout software delivery workflows."

"Recent high-profile vulnerabilities and software supply chain attacks have highlighted that managing software risk is becoming increasingly complex," said Jason Schmitt, general manager of the Synopsys Software Integrity Group. "Organizations need a variety of integrated and interoperable application security solutions to address risks across the SDLC and the broader software supply chainsolutions that help them prioritize their remediation efforts while maintaining the velocity of their development workflows. We have made significant investments in these areas over the past year, including the release of new Rapid Scan capabilities for Coverity SAST and Black Duck SCA, the launch of Code Sight Standard Edition, a standalone version of our IDE plugin for developer-driven testing, and the acquisition of Code Dx, an open platform that helps security and development teams correlate and prioritize security findings across their AST tool portfolio. We believe our continued recognition by Gartner as a Leader in application security testing validates our strategy and ability to address the evolving needs of the market."

Story continues

Download a complimentary copy of the 2022 Gartner Magic Quadrant for Application Security Testing to learn more.

Over the past year, the Synopsys Software Integrity Group has announced several new offerings and initiatives that have contributed to the business's growth and momentum:

In June of 2021, Synopsys acquired Code Dx, the provider of an award-winning application security risk management solution that automates and accelerates the aggregation, correlation, deduplication, and prioritization of software vulnerabilities from Synopsys' broad portfolio of solutions as well as more than 100 third-party commercial and open source products. Code Dx provides consolidated risk reporting that creates a system of record for application security testing and enables a unique view into the risk associated by an organization's software.

In July of 2021, Synopsys announced the availability of new Rapid Scan capabilities within the company's Coverity static application security testing (SAST) and Black Duck software composition analysis (SCA) solutions. The Rapid Scan features provide fast, lightweight vulnerability detection for both proprietary and open source code. Rapid Scan is optimized for the early stages of development, particularly for cloud-native applications and infrastructure-as-code (IaC).

In February of 2022, Synopsys announced the general availability of Code Sight Standard Edition, a standalone version of the Code Sight plugin for integrated development environments (IDE) that enables developers to quickly find and fix security defects in source code, open source dependencies, infrastructure-as-code files, and more before they commit their code.

In October of 2021, Synopsys enhanced its Black Duck software composition analysis solution to address customers' emerging needs around software supply chain security. The enhancements enable Black Duck customers to produce a software bill of materials (SBOM) in the standardized SPDX 2.2. format approved by NIST, a capability that is increasingly important for software vendors looking to comply with Executive Order 14028.

Synopsys continues to invest in its "partner first" go-to-market approach by expanding its global channel partner network and enhancing the benefits and operational support in its partner program to better serve the channel. As a result, Synopsys has experienced significant growth and momentum in indirect sales through an expanded ecosystem of resellers, managed service providers, system integrators and consulting firms providing solutions and services to our customers. Synopsys recently received a 5-star rating in the 2022 CRN Partner Program Guide.

1. Gartner, Inc. "Magic Quadrant for Application Security Testing" by Dale Gardner, Mark Horvath, and Dionisio Zumerle, April 18 , 2022.

GARTNER and Magic Quadrant are registered trademarks and service marks of Gartner, Inc. and/or its affiliates in the U.S. and internationally and are used herein with permission. All rights reserved.

Gartner Disclaimer

Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner's research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.

About the Synopsys Software Integrity Group

Synopsys Software Integrity Group provides integrated solutions that transform the way development teams build and deliver software, accelerating innovation while addressing business risk. Our industry-leading portfolio of software security products and services is the most comprehensive in the world and interoperates with third-party and open source tools, allowing organizations to leverage existing investments to build the security program that's best for them. Only Synopsys offers everything you need to build trust in your software. Learn more at http://www.synopsys.com/software.

About Synopsys

Synopsys, Inc. (Nasdaq: SNPS) is the Silicon to Software partner for innovative companies developing the electronic products and software applications we rely on every day. As an S&P 500 company, Synopsys has a long history of being a global leader in electronic design automation (EDA) and semiconductor IP and offers the industry's broadest portfolio of application security testing tools and services. Whether you're a system-on-chip (SoC) designer creating advanced semiconductors, or a software developer writing more secure, high-quality code, Synopsys has the solutions needed to deliver innovative products. Learn more at http://www.synopsys.com.

Editorial Contacts:Mark Van Elderen Synopsys, Inc.650-793-7450mark.vanelderen@synopsys.com

Cision

View original content:https://www.prnewswire.com/news-releases/synopsys-named-a-leader-in-the-2022-gartner-magic-quadrant-for-application-security-testing-for-sixth-consecutive-year-301530185.html

SOURCE Synopsys, Inc.

Continue reading here:

Synopsys Named a Leader in the 2022 Gartner Magic Quadrant for Application Security Testing for Sixth Consecutive Year - Yahoo Finance

22 days ago, Bitcoin.com News wrote about a Coin Insider trends study that combed through Google Trends data in the United States. According to the report, dogecoin was the most Googled cryptocurrency in the country. Another study published by askgamblers.com has covered similar data, but concentrated on the U.K.s and Europes Google searches. According to the report, while bitcoin is the most popular crypto asset in Europe, the study of the trends shows that the meme token shiba inu is the most popular in the United Kingdom.

This week Bitcoin.com News was sent a report from askgamblers.com that analyzes Google Trends (GT) data over the last year in order to find out what the most popular crypto assets are in the U.K. and Europe. According to the findings, bitcoin (BTC) is the most popular digital currency in Europe as it was the most searched crypto in 21 countries. BTC outpaced the competitors in the askgamblers.com study, as the leading crypto asset rules the roost in countries like Germany, Finland, Norway, Poland, Romania, and Belgium.

While bitcoin (BTC) was the top crypto across Europe, shiba Inu (SHIB) is the most popular cryptocurrency in the U.K., according to the researchers collected Google searches. The meme token SHIB saw a significant increase in popularity during the last 12 months. The studys findings show SHIB commands six different countries and the United Kingdom. In fact, SHIB is huge in Russia, France, Spain, Ukraine, Italy, Hungary, and Switzerland, in terms of GT searches.

Additionally, ethereum (ETH) was the third most popular in the study capturing interest from Sweden, Czechia, Latvia, and Slovenia. Then cardano (ADA) held the fourth position in terms of GT search data, as Andorra, the Netherlands, and Bulgaria showed a lot of interest in ADA. With dogecoin (DOGE) being the most popular in the U.S., it is the fifth in Europe as the meme crypto is popular in Albania and Greece.

With 38 million crypto users in Europe, and thousands of cryptocurrencies on the market to choose from, it is fascinating to see which one people are the most interested in investing in, a spokesperson from askgamblers.com told Bitcoin.coms newsdesk. Although bitcoin is the most popular overall, the interest in shiba inu has grown to surpass bitcoin in major countries such as Russia and the U.K.

In the U.S. research study published by Coin Insider, shiba inu (SHIB) only captured seven states across the country. Dogecoin was named the leader in that study as DOGE was the most popular in 23 states in the U.S., in terms of GT searches. SHIBs popularity in the U.S., according to the data in that specific report, was ranked the fourth most popular crypto in the country.

What do you think about the popularity of bitcoin in Europe and the shiba inu interest in the U.K.? Let us know what you think about this research study in the comments section below.

Jamie Redman is the News Lead at Bitcoin.com News and a financial tech journalist living in Florida. Redman has been an active member of the cryptocurrency community since 2011. He has a passion for Bitcoin, open-source code, and decentralized applications. Since September 2015, Redman has written more than 5,000 articles for Bitcoin.com News about the disruptive protocols emerging today.

Image Credits: Shutterstock, Pixabay, Wiki Commons

Disclaimer: This article is for informational purposes only. It is not a direct offer or solicitation of an offer to buy or sell, or a recommendation or endorsement of any products, services, or companies. Bitcoin.com does not provide investment, tax, legal, or accounting advice. Neither the company nor the author is responsible, directly or indirectly, for any damage or loss caused or alleged to be caused by or in connection with the use of or reliance on any content, goods or services mentioned in this article.

Read more from the original source:

Google Trends Study Shows SHIB Is the Most Popular Crypto in the UK Bitcoin News - Bitcoin News

JavaScript is a great programming tool, but JavaScript security problems can cause significant damage to organizations and their customers. To help cybersecurity professionals and software developers better understand everything they need to know to improve JavaScript security, weve developed a free, comprehensive e-book, The Ultimate Guide to JavaScript Security. In it, we address the increasing number of threats and damaging attacks connected to JavaScript vulnerabilities, flaws, and open-source libraries. The guide highlights the fundamental risks associated with using JavaScript in an unprotected client-side environment, and what application security professionals and web application developers can do to better protect their websites and customers.

Among professional developers, for the last nine years in a row, JavaScript has been cited as the most popular programming language, according to the 2021 Stack Overflow Developer Survey. This comes as no surprise. JavaScript is easy to learn and use, operates quickly within a browser, works well with other programming languages, reduces server load, and offers programmers the ability to create rich and engaging interfaces.

But JavaScript has one big problem: it is highly insecure, with threat actors increasingly using JavaScript to deliver attacks, often from open-source and third-party JavaScript libraries.

The power of JavaScript is evident across todays digital landscape. Almost 98% of all websites use JavaScript as the client-side programming language to add interactive behavior to webpages and to create web and mobile apps. Banking sites use it for customer forms; e-commerce sites depend on it heavily to support the user experience during the shopping and purchasing process; and businesses use it for advertising and analytics.

However, traditional perimeter security tools, like firewalls, dont secure the front end or client side of a web application. This means that any organization leveraging JavaScript on the client side is at much greater risk of attack from threats like Magecart, e-skimming, formjacking, and cross-site scripting.

The free, new e-book: The Ultimate Guide to JavaScript Security contains five primary sections that cover everything businesses, AppSec professionals, CISOs, and web developers need to know about JavaScript security:

Each of these sections addresses key issues related to JavaScript security from a client-side perspective and provides the reader with guidance on how to better protect customers and businesses.

Key highlights from The Ultimate Guide to JavaScript Security include:

If you are an AppSec professional or CISO, or maintain a website to support your end users as part of your business model, then client-side security is crucial. Download this free e-book The Ultimate Guide to JavaScript Security. Gain a better understanding of JavaScript security threats and how you can protect your business and your customers from e-skimming, Magecart, cross-site scripting, and the multitude of other cyberthreats attacking the front end of your web applications.

The post Everything You Need to Know to Improve JavaScript Security appeared first on Feroot.

*** This is a Security Bloggers Network syndicated blog from Feroot authored by Mary. Read the original post at: https://www.feroot.com/blog/everything-you-need-to-know-to-improve-javascript-security/

See the rest here:
Everything You Need to Know to Improve JavaScript Security - Security Boulevard

Topgolf Entertainment Group, a modern day, technology-enabled golf entertainment company, is set to open a first-of-its-kind experience in El Segundo on Friday, April 15. The location features traditional and non-traditional ways to play golf through the company's signature three-level venue experience as well as an adjacent 10-hole, lighted, par-3 golf course.

"This is a very exciting opening for Topgolf as the game of golf continues to grow and diversify both on and off the course. We are thrilled to be part of this movement and for the opportunity to become a part of the El Segundo community," said Topgolf Chief Executive Officer Artie Starrs. "From the variety of experiences to the next-level technology features, our El Segundo location will bring the power of play to so many as we continue to shape the future of golf."

The Topgolf venue in El Segundo is an open-air, three-level venue that features 102 outdoor hitting bays, a restaurant and sports bar offering chef-inspired menu items, top-shelf drinks, music and year-round programming for all ages.

The venue is fully equipped with Topgolf's latest technology including a giant TV wall, brand-new ball dispenser units, large HD screens in the outfield, and the company's signature Toptracer technology. Toptracer is the most trusted ball-tracing technology in the golf industry, powering the experience at the venue and enabling players at Topgolf to enjoy favorite games including Angry Birds and Jewel Jam.

As part of the unmatched experience, Topgolf partnered with renowned golf course designer Mike Angus to refresh and reintroduce the beloved Lakes at El Segundo golf course to the community.

The course features a 10-hole, par-3 course where players can have laid back fun while playing a round of traditional golf. The course was uniquely designed to not only challenge the experienced golfer, but also create a fun experience for the novice golfer. Each hole is unique as players discover quirky names and hidden gems throughout the course.

Similar to what players can experience in venue or see on TV during professional golf majors, the 10th hole of the course is equipped with Topgolf's Toptracer technology that allows players to trace their shots like the pros. After assuming operations of The Lakes at El Segundo, Topgolf renovated the golf course complete with new turf and grass, refurbished lakes, night-lighting, a built-in music system, and a brand-new Golf Shop offering food, beverages and golf equipment.

Beyond playing at the venue and golf course, Topgolf El Segundo and The Lakes at El Segundo will collectively employ approximately 500 Associates, further strengthening the Greater Los Angeles area's economy.

As part of Topgolf's ongoing commitment to bring the power of play to the community, Topgolf hosted a unique ceremonial eightsome charity swing event that benefited the local Los Angeles Make-A-Wish Chapter. Composed of local celebrities, well-known golfers, and public officials, Topgolf donated $20,000 to grant a child's wish in the greater Los Angeles area.

"If you're not a golfer, it's much like romance, you don't have to be romantic to get the job done. You don't need to be a good golfer to come out here and play," said George Lopez. "And you can play at night!"

This latest Topgolf in El Segundo marks the fourth venue to serve the state of California alongside venues in Ontario, San Jose and Roseville (Sacramento).

Original post:
Topgolf opens first-of-its-kind experience in El Segundo with venue and newly renovated lakes at El Segundo Golf Course - CBS News

Spotify is rebranding its Greenroom live audio app as Spotify Live and will bring its features into the main Spotify app, the company announced Tuesday. Spotify Live will be available as both a standalone app and a livestream feature in the main app. At present, the main app will include select live content from original programming, and the standalone Spotify Live app will be open to all independent creators.

Listeners will be able to tune in to live programming on Spotify via the creators podcast or artist page, and if they want to participate in the chat or join the host onstage, they can head to the Spotify Live app to do so, according to a blog post on the companys website.

Bloomberg first reported last month that a name change was coming for Greenroom, which Spotify launched last year as a potential competitor for Clubhouse. Greenroom was built on Locker Room, an app created by Betty Labs, a software developer acquired by Spotify last March. The app got off to a slow start, however, lagging behind other live audio competitors like Twitter Spaces.

In its release, Spotify said its rolling out some live event programming to kick off the rebrand, including events with Spotify-exclusive podcast Off the Record with DJ Akademiks today at 12:30PM ET and After Hours with Alex Cooper, host of Call Her Daddy, on Wednesday at 10PM ET.

Go here to read the rest:
Spotify adds live audio programs and rebrands Greenroom app as Spotify Live - The Verge

CHICAGO Chicago Public Schools students are counting down the days to summer break, and so are city leaders.

Chicago Mayor Lori Lightfoot announced summer opportunities and programming for Chicagos youth on Monday at a 1:30 p.m. event from Foster Park Fieldhouse.

The mayor touted the citys One Summer Chicago program, which pairs Chicagoans 14 to 24 years old with employment and internship opportunities. She announced the application portal is now open and encouraged eligible residents to begin applying.

Mayor Lightfoot also discussed the Chicago Youth Service Corps which provides paid opportunities for residents ages 16 to 24.

For those looking elsewhere to earn a seasonal salary, the Chicago Park District also has several summertime positions posted. Summer 2022 park district day camps, however, are not yet open for registration. Those can be viewed beginning May 2 with online registration opening a week later on May 9.

Additional speakers included Chris Brown, commissioner of Chicago Public Library, Brandie Knazze, commissioner of Chicagos Department of Family and Support Services, and Farah Tunks, regional director of the Chicago Park District, all of which discussed what their organizations were providing for the citys youth through the summer.

Read the original post:
Summer in Chicago: Leaders announce seasonal paid opportunities, programming for the citys youth - WGN TV Chicago

(Washington, DC)As DC Public Schools (DCPS) prepare to go on Spring Break, Mayor Muriel Bowser is reminding families that the District will be hosting daytime and evening programming next week and on Monday, April 18, to help keep students engaged during their out of school time.

DPR is providing full-day options for parents of youth ages 3-5 years old and6-12 years old at recreation centers across the District from April 11-14. The camps will offer a blend of enrichment activities, sports, and arts and crafts.

On Monday, April 18, when DCPS will be closed for staff development, DPR will offer Fun Day and Wee Fun Day camps for children ages 6-12 and 3-5, respectively, featuring enriching activities, sports, arts and crafts, and more.

Next week, the District will host #HealthyHeroesDC Kids Week, featuring fun activities and community events with opportunities for students and families to get vaccinated against COVID-19. DC Health will also offer vaccination pop-ups at DPR Spring Break camps throughout the week. Visit backtoschool.dc.gov/kidsweek to learn more and see the full list of events.

Hair Love StoryWalk @ Bellevue LibraryWhat: Children are invited to participate in an outdoor interactive picture walk of the book Hair Love. The event will also feature face painting and other surprise activities.When: Monday, April 11, 12 pm 4 pmWhere: Bellevue Library

Rosedale Spring FlingWhat: A fun-filled spring event where families will enjoy some food, games, and music.When: Wednesday, April 13, 2 pm 6 pmWhere: Rosedale Recreation Center Football Field

Hillcrest Easter JamboreeWhat: A fun day of arts & crafts, scavenger hunts, and more.When: Thursday, April 14, 5:30 pm 7:30 pmWhere: Hillcrest Recreation Center

Easter Eggstravaganza and Movie Night @ Fort Stanton Recreation CenterWhat: Community Easter event with music, game stations, obstacle courses, arts and crafts tables, and easter egg hunt, followed by a special showing.When: Thursday, April 141 pm 4 pm (Egg Hunt)5 pm 7 pm (Movie)Where: Fort Stanton Recreation Center

Spring Fling DiveWhat: Youth will participate in an egg dive in the swimming pool.When: Saturday, April 16, 1 pm 4:30 pmWhere: Turkey Thicket Aquatic Center

Mayor Bowser also continues to encourage DC youth ages 5-12 to participate in the #HealthyHeroesDC Youth Art Contest. Students can submit their artwork showcasing how they are protecting their community, including getting vaccinated against COVID-19. Selected winners will have their artwork featured in a District wide media campaign. Visit backtoschool.dc.gov/YouthArtContest to learn more.

Pastel Color ExtravaganzaWhat: Youth will decorate eggs and baskets to take home, incorporating an egg hunt and candy.When: Monday, April 11, 3 pm 5 pmWhere: Barry Farm Recreation Center

Intergenerational Spring Walk-a-ThonWhat: Come walk into spring! We will have a pre-game warm-up party, an all-in team stretch session, and cool down.When: Wednesday, April 13, 11:30 am 1:30 pmWhere: Fort Stevens Recreation Center Basketball Court

Intergenerational Spring BlingWhat: Seniors and teens will come together to meet and greet, and congregate listening to different genres of music using silent headphones.When: Wednesday, April 13, 1 pm 3 pmWhere: Columbia Heights Community Center

Spring Seekers Finders KeepersWhat: A scavenger hunt for eggs with small prizes.When: Wednesday, April 13, 10 am 12 pmWhere: Arthur Capper Playground

Late Night Hype 2.0What: A teen-night and pool party from 7 11 pm that continues with open rec activities until sunrise.When: Thursday, April 14, 7 pm 11 pm (Open rec: 11 pm sunrise)Where: Deanwood Recreation Center and Pool

Trinidad & Tobago Under-20 National Team TryoutsWhat: Residents can watch invited North American-based Trinbagonian players scrimmage for a chance to join the Trinidad & Tobago Under-20 National Team that will compete in CONCACAF championships this summer in Honduras.When: Saturday, April 16 & Sunday, April 17, 9 am 12 pmWhere: Edgewood Recreation Center

Intergenerational Easter Egg HuntWhen: Monday, April 18, 4 pm 5 pmWhere: Fort Stevens Seniors Center

Eagles Easter Egg-stravaganza & Egg-luminate Night HuntWhat: Annual Easter celebration event for the Bald Eagle & Ward 8 community.When: Monday, April 18, 6:30 pm 9:30 pmWhere: Bald Eagle Recreation Center

To learn more and register for events, please visit dpr.events.

PetalpaloozaWhat: Celebrate spring at Petalpalooza for a full day of live music and engaging activities. The evening is capped by a fireworks show.When: Saturday, April 16, 1 pm 9 pmWhere: Capitol Riverfront at the Yards

Admission is free of charge at all Smithsonian museums and the National Zoo. Timed-entry passes are only required at the National Museum of African American History and Culture and the National Zoo. A full schedule for Smithsonian Museums and the National Zoo can be found online.

The Districts family success centers in Wards 7 and 8 will be open next week, Monday Thursday, from 8:15 am 4:45 pm. Vaccinations will be offered throughout the success centers.

Nine indoor pools are open across the District next week, including Marie Reed, Wilson, Roosevelt, Turkey Thicket, Dunbar, William H. Rumsey, Deanwood, HD Woodson, and Barry Farm. For hours of individual pools, please visit dpr.dc.gov/page/indoor-pools (all DPR facilities are closed Friday, April 15, in observance of DC Emancipation Day).

DC Public Library (DCPL) locations will be open all week, with select locations open on Friday, April 15. The Anacostia Library, Benning Library, Mt. Pleasant Library, Petworth Library, Southwest Library, Tenley-Friendship Library, Woodridge Library, and the Martin Luther King Jr. Memorial Library will be open on Friday, April 15, from 10 am 6 pm All Library locations will be closed on Saturday, April 16 for DC Emancipation Day and on Sunday, April 17 for Easter.

The Districts Office of Out of School Time Grants and Youth Outcomes (OST) partners with community-based organizations to offer youth enriching opportunities to grow and thrive outside the classroom. A full list of available programs across all eight wards can be found here.

DPR Meal Distribution sites will offer meals from 12 pm 2 pm at 18 sites from Monday, April 11 through Thursday, April 14. A full list of sites is available at dpr.dc.gov/afterschoolmeals.

Meal distribution sites at DCPS be closed from April 11 through April 15. On Friday, April 8 from 10 am 2 pm, open meal sites will distribute up to seven breakfast and lunch kits since meal sites will be closed during Spring Break. Youth can visit Anacostia HS, Ballou HS, Columbia Heights EC, Dunbar HS, Eastern HS, Hardy MS, Jackson-Reed (Wilson) HS, Ron Brown HS, Roosevelt HS, and HD Woodson HS to receive meals.

During Spring Break, DC Central Kitchens mobile meal truck will be making stops at select schools. The free lunch bags - that include two days worth of healthy proteins, fruit, and milk - will be distributed on a first come, first serve basis. Meal delivery schedule below.

Monday, April 11; Wednesday, April 13; and Friday, April 15:

Tuesday, April 12; Thursday, April 14; and Monday, April 18

Social Media:Mayor Bowser Twitter:@MayorBowserMayor Bowser Instagram:@Mayor_BowserMayor Bowser Facebook:facebook.com/MayorMurielBowserMayor Bowser YouTube:https://www.bit.ly/eomvideos

Read more:
As DCPS Goes on Spring Break, the District to Offer Daytime and Evening Programming for Students | mayormb - Executive Office of the Mayor