Sign up for our newsletter!
Stay informed on the latest DevOps news

DevOps.com

Microservices Journal

Survey Surfaces Multiple Persistent DevSecOps Challenges

Survey Surfaces Multiple Persistent DevSecOps Challenges

| | appsec, devops, survey
A survey of leaders based in North America finds 62% work for organizations that knowingly release insecure code to meet delivery deadlines ...
AI, code, Amazon, amazon Q, secure devops, AI, AI shift left Jit Rezilion DevSecOps Shifting Left and Static Code Analysis with Perforce

When AI Assistants Turn Against You: The Amazon Q Security Wake-Up Call

| | ai, Amazon, code, devsecops
Amazon Q coding assistant was compromised with malicious prompts designed to wipe AWS accounts. What this near-miss teaches us about AI security ...
DevOps, jobs, careers, talent, engineer,

Five Great DevOps Job Opportunities

| | careers, devops, job market, jobs
DevOps.com is now providing a weekly DevOps jobs report through which opportunities for DevOps professionals will be highlighted as part of an effort to better serve our audience. Our goal in these ...
platform , engineering, software, AI, platform engineering, CoE, AI, IT Ops production environment

“DevOps is Dead? Long Live DevOps-Powered Platforms”

| | ai, devops, platform engineering, PlatformCon 2025
If PlatformCon NYC proved anything, it’s that the DevOps ethos of collaboration, automation and continuous improvement now has a bigger, better stage ...
supply chain, software, Checkmarx, data, Endor, SCA, supply chain, security, workflows, supply chain, software, supply chain security, appsec, polyfill, software, supply chains, DevOps, DevSecOps, Google supply chain

Checkmarx Surfaces Malicious Effort to Compromise Software Supply Chains

| | data, devops, malware, Software Supply Chain, typo-squatting
Checkmarx, this week, reported it has discovered malicious software packages that, in addition to injecting malware capable of bypassing endpoint security to exfiltrate data, also provide persistent remote access and control of ...
LaunchDarkly Acquires Highlight to Bring Observability to Application Release Management

LaunchDarkly Acquires Highlight to Bring Observability to Application Release Management

| | devops, feature flags, monitoring, observability
LaunchDarkly is looking to bring observability to feature flag management by acquiring Highlight, a provider of an open-source application monitoring tool ...
Legit, Sonatype OpenZiti open source software Commvault

Legit Security Extends AI Reach of ASPM Platform

| | ai, devsecops, RSAC 2025, vulnerabilities
Legit Security at the 2025 RSA Conference today extended the reach of its application security posture management (ASPM) platform that leverages artificial intelligence (AI) to identify vulnerabilities and other weaknesses to now ...
Lineaje, AI, agents, Cycode, SAST, analysis, Black Duck, open-source, coding, DevSecOps, OpenText, Process, DevSecOps, ASPM, Cycode SecOps GitLab Quali SigStore OWASP DevSecOps vulnerabilities security Pulumi DevSecOps Analyzing Code for Security Vulnerabilities

Lineaje Leverages AI Agents to Secure Open Source Packages and Images

| | devsecops, open source, vulnerabilities
Lineaje has added artificial intelligence (AI) agents that leverage multiple types of code scanners to ensure the open-source software packages and artifacts being used by application developers are truly secure ...
job, opportunities, devops, career, jobs

Five Great DevOps Job Opportunities

| | careers, devops, jobs
DevOps.com is now providing a weekly DevOps jobs report through which opportunities for DevOps professionals will be highlighted as part of an effort to better serve our audience. Our goal in these ...
code data, agentic, JFrog, security, devsecops, Digma, code, Go, code, kernel, eBPF, Veracode GitKraken JFrog GitGuardian organizations, quality fear unknown software app Rust Contrast Security Adds API Support to Application Security Platform

Typosquat Supply Chain Attack Targets Go Developers

| | GitHub repositories, Golang, malicious code, software supply chain attacks
A backdoor that impersonates a widely used database module in the popular Go programming language can give hackers control of infected systems, according to a senior threat intelligence analyst with developer-focused platform ...
job, opportunities, careers, DevOps,

Five Great DevOps Job Opportunities

| | careers, devops, jobs
DevOps.com is now providing a weekly DevOps jobs report through which opportunities for DevOps professionals will be highlighted as part of an effort to better serve our audience. Our goal in these ...
components, SBOMs, development, RunSafe, supply chain, software, SBOMs, Codenotary SBOM DevOps Intel VMware security

RunSafe Security Extends Platform Reach to Build More Accurate SBOMs

| | code, devops, SBoM, SBOMs
RunSafe Security this week added an ability to generate a software bill of materials (SBOM) based on the code actually included in an application before it is deployed in a production environment ...
Show More