Sign up for our newsletter!
Stay informed on the latest DevOps news

DevOps.com

IT as Code

code data, agentic, JFrog, security, devsecops, Digma, code, Go, code, kernel, eBPF, Veracode GitKraken JFrog GitGuardian organizations, quality fear unknown software app Rust Contrast Security Adds API Support to Application Security Platform

Typosquat Supply Chain Attack Targets Go Developers

| | GitHub repositories, Golang, malicious code, software supply chain attacks
A backdoor that impersonates a widely used database module in the popular Go programming language can give hackers control of infected systems, according to a senior threat intelligence analyst with developer-focused platform ...
CISA, security, Salesforce Cybersecurity, API security, DevSecOps

CISA Pushes Steps to Better Secure Software and Product Designs

| | CISA, Cybersecurity, secure software development
The country’s top cybersecurity agency is urging developers to take steps to ensure the software they’re building and the products they roll out are secure and protect end users. The Cybersecurity and ...
code signing, trust, CodeRabbit, code, GenAI, Quali, Torque, code, Symbiotic, application developers, Zencoder, code, operations, code, commit, developer, mainframe, code, GenAI; code review efficiency cloud development

Operations as Code: Transforming Operational Excellence

| | IaC, operations, operations as code
The push toward digital transformation and cloud-native infrastructure is inevitable. This shift brings the need to manage operations with the same rigor and automation we apply to infrastructure or security. Many organizations ...
AWS, cloud, AWS cloud, migration, Akamai migration cloud trendsSnowflake Aryaka cloud security migration

AWS Cloud Migration Strategy

| | AWS, cloud, cloud migration
Migrating your project means moving your data from the on-premises data center to the cloud. Migration is a big task and AWS facilitates migration in phases ...
vulnerabilities, Jenkins vulnerability ransomware

CISA: Critical Jenkins Flaw Exploited in Ransomware Attacks

| | CI/CD, Jenkins, open source CD, Ransomware
The security vulnerability in the popular open-source development tool helps threat actors gain initial access into victims' systems ...
open source, software, security, open-source, Lineaje, Linux, open source, report, study, Open source code

White House to Spend $11 Million to Study Open Source Software Use

| | memory-safe language, open source software, White House
Hardening the security around open source software has been a key part of the White House’s larger cybersecurity efforts since President Biden released his executive order for improving the United States’ security ...
ZEST Security Brings Generative AI to Cloud Infrastructure Security

ZEST Security Brings Generative AI to Cloud Infrastructure Security

| | devops, GenAI, generative AI, IaC
ZEST Security has launched a platform that leverages generative artificial intelligence (AI) to remediate code created using infrastructure-as-code (IaC) tools ...
code, infrastructure as code, AI

Quali Bakes Generative AI into Environment as Code Platform

| | blueprint, devops, generative AI, infrastructure as code
Quali has added a generative artificial intelligence (AI) capability to its Torque platform for managing infrastructure-as-code that enables DevOps teams to use natural language to describe a template, that is then automatically ...
infrastructure, Terraform, IaC immutable infrastructure Pulumi GitOps

Scaling with Terraform: How to Manage Infrastructure at Scale

| | devops, IaC, infrastructure, Terraform
These key points can help you effectively manage Terraform infrastructure at scale, ensuring your systems are resilient, scalable and compliant with organizational policies and industry standards ...
Checkmarx, data, Endor, SCA, supply chain, security, workflows, supply chain, software, supply chain security, appsec, polyfill, software, supply chains, DevOps, DevSecOps, Google supply chain

Polyfill Becomes a Supply-Chain Risk to 100,000 Websites

| | JavaScript, malicious code, Polyfill
A Chinese company in February bought the domain and GitHub account for Polyfill, a popular open-source library used by more than 100,000 websites to deliver JavaScript code ...
centos tombstone

RIP CentOS. Hello AlmaLinux Rocky Linux, CentOS Stream or RHEL

| | AlmaLinux, centos7, linux, Linux distributions, red hat, rhel, Rocky Linux
CentOS 7's official end of life is June 30th. What should a DevOps team do? We help you consider your choices ...
hieroglyphs on the wall

AlmaLinux Introduces Engineering Steering Committee to Enhance Community Collaboration

| | AlmaLinux, linux, open source, operating systems
AlmaLinux is keeping its Linux community in the technology loop ...
Show More