IT Security

How to Avoid Risk When Using Multiple Low-Code Platforms
Organizations are still increasing their use of low-code/no-code (LCNC). But this adoption isn't always consolidated around one tool—frequently, multiple low-code/no-code platforms are used under the same roof. In fact, Gartner predicts that ...

Cycode Leverages eBPF to Secure CI/CD Pipelines
Cycode today added a Cimon extension to its application security platform that uses extended Berkeley Packet Filtering (eBPF) to thwart cyberattacks against continuous integration/continuous delivery (CI/CD) pipelines. Alex Ilgayev, head of security ...

Snyk to Add ASPM Platform via Enso Security Acquisition
Snyk this week announced it plans to acquire Enso Security, a provider of an application security posture management (ASPM) solution that tracks events and analyzes metadata collected from DevOps and security tools ...

DigiCert Allies With ReversingLabs to Secure Software Supply Chains
DigiCert today announced it has allied with ReversingLabs to integrate binary analysis and threat detection capabilities with a code signing service it provides. Deepika Chauhan, chief product officer for DigiCert, said the ...

Checkmarx Brings Generative AI to SAST and IaC Security Tools
Under an early access program, Checkmarx today made available query builder and guided automation tools that take advantage of OpenAI's generative artificial intelligence (AI) technologies to make it simpler for developers to ...

GitLab Adds More AI and Cybersecurity Capabilities to CI/CD Platform
GitLab this week delivered an update to its continuous integration/continuous delivery (CI/CD) platform that adds additional generative artificial intelligence (AI) and cybersecurity capabilities. The GitLab 16 release included cybersecurity capabilities such as ...

Red Hat Moves to Secure Software Supply Chains
Red Hat today announced a portfolio of cloud services designed to better secure software supply chains. The expanded portfolio includes Red Hat Trusted Application Pipeline to secure continuous integration/continuous delivery (CI/CD) workflows ...

Five Great DevOps Job Opportunities
DevOps.com is now providing a weekly DevOps jobs report through which opportunities for DevOps professionals will be highlighted to better serve our audience. Our goal in these challenging economic times is to ...

AWS Converts Cedar Policy-as-Code Tool to Open Source Project
At the Open Source Summit North America conference today, Amazon Web Services (AWS) announced it is making Cedar, a language for defining permissions as policies that includes automated reasoning to mathematically prove ...

GitGuardian Survey Surfaces Secrets Management Challenges
A survey of 507 IT decision-makers in the U.S. and the United Kingdom published today found 75% of respondents said a secret leaked from at least one application, with 60% noting that ...

ReversingLabs: Increased Focus on Software Supply Chain Security
A global survey of 300 global executives, technology and security professionals found software containing vulnerabilities (82%) followed by secrets leaked through source code (55%), malicious code (52%) and suspicious code (46%) posed ...

How DevSecOps Addresses Supply Chain Security
“The absence of security in the initial stages of system engineering is the single most significant cybersecurity gap and risk in modern system development.” This quote from tech entrepreneur Linda Rawson is ...