Sign up for our newsletter!
Stay informed on the latest DevOps news

DevOps.com

Tag: CI/CD security

scanning, vulnerability, DevSecOps, security, Gitlab, CI/CD, ArmorCode, AI, Veracode, risk, devsecops, AI, security, developers, organizations, code, SBOMs, DevSecOps

What Makes Vulnerability Scanning Effective in Fast-Moving DevSecOps Pipelines Today? 

| | application security, CI/CD security, context-aware scanning, developer-friendly security, DevOps security integration, devsecops, modern security tools, noise reduction in alerts, real-time scanning, Secure software delivery, security feedback loop, security in pipelines, software vulnerabilities, vulnerability management metrics, vulnerability scanning
Traditional vulnerability scanning can’t keep pace with CI/CD. Learn how real-time, context-aware scanning reduces noise, speeds fixes, and enables secure DevSecOps at scale ...
CI/CD, building, Argo CD, pipeline, misconfigured, CI/CD, pipelines, pipeline, identity, zero trust, CI/CD, pipelines, AI/ML, database, DevOps, pipelines eBPF Harness CI/CD

Why CI/CD Pipelines Break Zero-Trust: A Hidden Risk in Enterprise Automation

| | CI/CD security, Open Policy Agent (OPA), Secure software delivery, SPIFFE / SPIRE, Workload attestation, zero-trust
This article highlights a critical blind spot in pipeline security: The gap between job identity and runtime trust. Here’s how organizations can finally close it.  ...
CI/CD, building, Argo CD, pipeline, misconfigured, CI/CD, pipelines, pipeline, identity, zero trust, CI/CD, pipelines, AI/ML, database, DevOps, pipelines eBPF Harness CI/CD

Tips For Securing CI/CD Pipelines

| | CI/CD, CI/CD security, pipelines, Software Supply Chain Security, supply chain
Most development teams want to increase the pace of their software delivery. As such, continuous integration and delivery (CI/CD) has grown in importance, helping push code from build to production as seamlessly ...