DevSecOps
Why DevOps Is Critical for Modern Business Resilience
Today’s business world operates in a state of constant change. What the customer wants to buy changes quickly, new competitors appear overnight, and cyber threats are changing faster than ever. In this ...
How Open Source Dependency and Repo Attacks Compromise DevOps Pipelines and How to Stay Safe
Alex Vakulov | | CVE, Dependency Governance, log4j, Malicious Code Injection, open source security, Package Managers, SBoM, secure development, supply chain risk, typosquattingModern applications rely on open source components for up to 90% of their code, creating a vast attack surface dominated by inhemalicious supply chain injections. High-profile incidents like Log4j and the sabotage ...
Claude Code Security Finds the Bugs That Static Analysis Can’t — and Wall Street Noticed
Claude Code Security scans code like a human researcher, not a rule engine. Anthropic found 500+ decade-old bugs — and cybersecurity stocks felt it ...
White Paper: The Future of DevSecOps in a Fully Autonomous CI/CD Pipeline
Abstract The growing complexity of modern software development and the increasing speed at which organizations need to deliver software have led to the widespread adoption of DevOps practices, particularly continuous integration/continuous deployment ...
How Benchmarking Can Help Software Development Teams Achieve CISA’s “Secure by Design”
In April 2023, the Cybersecurity and Infrastructure Security Agency (CISA) launched its Secure by Design initiative, directing technology companies to ‘prioritize the security of customers as a core business requirement, rather than ...
The Software Extinction Event That Wasn’t
The world may have just avoided a cybersecurity disaster, with potential impact of CrowdStrike x1000. Imagine if the world’s most pervasive programming language, used in the majority of organizations, services, websites and ...
Sumo Logic Previews GenAI Tool to Improve DevSecOps Observability
Sumo Logic this week at the RSA Conference previewed a copilot that leverages generative artificial intelligence (AI) to make it simpler for IT and cybersecurity professionals of varying levels of experience to ...
Securing the DevOps Pipeline: Tools and Best Practices
Because of the critical nature of the DevOps pipeline, security is becoming a top priority. Here's how to integrate DevSecOps ...
5 Security Threats DevOps Teams Should Know
Gilad David Maayan | | application security, code scanning, devops security, devsecops, network filteringDevOps security (DevSecOps) is about breaking down silos and promoting open collaboration across teams ...
Software Deployment Security: Risks and Best Practices
In an era where software is at the heart of every business, deploying applications securely and efficiently has never been more critical. ...
The Differences Between DevOps, DevSecOps and SRE
DevOps, DevSecOps and SRE are all quickly gaining traction within the tech world due to their effectiveness and promise of reliability for companies. Each framework provides various levels of safety and scalability—DevOps ...
Shift Left With DAST: Dynamic Testing in the CI/CD Pipeline
By focusing on application security like an attacker would, DAST can discover potential security threats that static testing methods might miss ...
