How GitHub Code Quality connects to AppSec

Description

It's our first on-location episode! At GitHub Universe, Katie Norton, Research Manager for IDC's DevSecOps and software supply chain security practice, explains how a new extension to GitHub's CodeQL reflects increased awareness of security as a dimension of code quality. She also discusses the shifting strategic partnerships and competition that come with increased convergence between AppSec and QA workflows, along with the AI security and governance concerns that still linger for enterprise IT organizations. Featuring: Katie Norton (https://www.linkedin.com/in/katie-d-norton/) , Research Manager for IDC's DevSecOps and software supply chain security practice In today’s episode, we’ll cover… • GitHub's application security updates at GitHub Universe • IDC's market research on AppSec - QA collaboration • The competitive implications of DevSecOps tool consolidation • Advice for enterprise IT organizations on AI governance and more! References: • GitHub Agent HQ opens platform to third-party coding agents (https://www.techtarget.com/searchitoperations/news/366622263/Atlassian-Rovo-pricing-shifts-amid-AI-adoption-struggles) • JFrog-GitHub partnership eyes software supply chain security (https://www.techtarget.com/searchsoftwarequality/news/366586543/JFrog-GitHub-partnership-eyes-software-supply-chain-security) • New GitHub Copilot agent edges into DevOps (https://www.techtarget.com/searchsoftwarequality/news/366623845/New-GitHub-Copilot-agent-edges-into-DevOps) • Glut of AI agent tools faces paradox of choice, skills gap (https://www.techtarget.com/searchitoperations/news/366633613/Glut-of-AI-agent-tools-faces-paradox-of-choice-skills-gap) To learn more about software development and platform engineering, check out Search IT Operations (https://www.techtarget.com/searchitoperations/) . To watch clips from our podcast, subscribe to our YouTube channel, @EyeOnTech (https://www.youtube.com/@HealthcareStrategies) .