DevSecOps
AI-Powered DevSecOps: Navigating Automation, Risk and Compliance in a Zero-Trust World
Michelle Buckner | | AI in DevOps, CI/CD pipeline security, cloud security best practices, continuous compliance, DevOps compliance, FedRAMP DevOps, GRC automation, microservices security, NIST compliance, security automationBreaking down how artificial intelligence (AI) is reshaping DevSecOps, the security pitfalls that come with it and how to balance the raw efficiency of automation with the actual realities of risk mitigation ...
Harmonizing AI-Driven DevOps: Building Secure, Self-Healing Pipelines With AWS Bedrock and SageMaker
Dinesh Besiahgari | | AI-Driven DevOps, Amazon SageMaker, AWS Bedrock, CI/CD Automation, devsecops, Self-Healing PipelinesThe combination of SageMaker and Bedrock enables DevOps teams to develop secure self-healing pipelines through AI harmonization, which transforms software delivery processes ...
ArmorCode Makes Anya AI Agent Generally Available
ArmorCode at the 2025 RSA Conference this week made generally available Anya, an artificial intelligence (AI) agent added to its application security posture management (ASPM) platform that has specifically been trained to ...
Lineaje Leverages AI Agents to Secure Open Source Packages and Images
Lineaje has added artificial intelligence (AI) agents that leverage multiple types of code scanners to ensure the open-source software packages and artifacts being used by application developers are truly secure ...
Cycode Adds AI Agent Teammates to Secure Software Supply Chains
Cycode, this week, added multiple artificial intelligence (AI) agents to its application security posture management (ASPM) capable of monitoring code and offering remediation suggestions. In addition, the company is adding an ability ...
Endor Labs Adds AI Agents to Automate Application Security Reviews
Endor Labs today added a set of artificial intelligence (AI) agents to its platform, specifically trained to identify security defects in applications and suggest remediations. Fresh off raising an additional $93 million ...
Veracode Extends Scope and Reach of DevSecOps Portfolio
Veracode today updated its risk management tool to provide integration with Kubernetes runtime environments, increased integration with code repositories to make it simpler to identify the origin of vulnerabilities and, available shortly, ...
AI-Generated Code Packages Can Lead to ‘Slopsquatting’ Threat
Jeff Burt | | AI code generation, AI hallucinations, Large Language Models, slopsquatting, software supply chain risksAI hallucinations – the occasional tendency of large language models to respond to prompts with incorrect, inaccurate or made-up answers – have been an ongoing concern as the enterprise adoption of generative ...
Report: Commercial Software Just as Vulnerable as Open Source
An analysis published by ReversingLabs, a provider of tools for securing application development environments, suggests that commercial software used in software supply chains is just as vulnerable as open-source code ...
Report: Bulk of Application Vulnerabilities Don’t Require Immediate Attention
An analysis of more than 101 million application security alerts conducted by OX Security, a provider of an application security posture management (ASPM) platform, finds only 2% to 5% require immediate action, ...
Demystifying Code-to-Cloud SecurityÂ
Code-to-cloud security is considered the future of application security, as it helps lower expenses, prevents data breaches and ensures compliance infringement, thereby protecting an organization’s reputation. ...
Securing the Future: DevSecOps in the Age of Artificial IntelligenceÂ
Why DevSecOps is a critical discipline in the AI era, the benefits and challenges of integrating AI into DevSecOps pipelines and why it provides a framework for successfully adopting these emerging technologies. ...
