Tag: devops security
Agentic DevSecOps: AI Security Co-Pilots for Your CI/CD Pipeline
Joydip Kanjilal | | agentic AI, AI copilots, AI Governance, AI incident response, AI pipeline management, AI security, AI security agents, AI threat detection, AI vulnerability scanning, AI-driven security, AI-powered DevSecOps, application security, autonomous AI agents, autonomous security testing, CI/CD security, Cloud Security, continuous security monitoring, cybersecurity automation, devops security, devsecops, devsecops automation, infrastructure security, intelligent automation, real-time threat intelligence, SDLC security, Secure software delivery, security automation, security operations, security orchestration, security posture management, software development lifecycle, software security, threat remediationThe emergence of AI has brought endless possibilities and innovative opportunities in today’s ever-changing, fast-paced technology landscape. AI is helping development teams produce software significantly faster than ever before. AI-enabled DevSecOps tools ...
Cyber Threats to DevOps Platforms Rising Fast, GitProtect Report Finds
Jeff Burt | | Azure DevOps, CI/CD, code repositories, Cybersecurity, DevOps platform downtime, devops security, extortion, GitHub security, GitProtect.io DevOps Threats report, GPUGate, JIRA, Kaspersky Lab, NPM security, Ransomware, Shai-HuludThe number of incidents targeting DevOps platforms grew 21% in 2025, but the amount of downtime jumped almost 95%, the security firm said ...
GitHub Adds 37 New Secret Detectors in March, Extends Scanning to AI Coding Agents
Tom Smith | | AI coding agents, automated remediation, Credential Leakage, DeepSeek, devops security, GitHub MCP Server, GitHub Secret Scanning, LangChain, Push Protection, secret detection, Snowflake, Software Supply Chain, Token Validity Checks, VercelGitHub's March 2026 updates introduce secret scanning for AI agents via MCP, 37 new detectors, and expanded push protection. Learn how to secure AI-generated code ...
AWS CodeBuild Webhook Misconfiguration Exposed Admin Access Risk
Tom Smith | | AWS CodeBuild, AWS open source, build pipeline security, CI/CD security, devops security, GitHub security, regex security, Software Supply Chain, webhook misconfiguration, Wiz ResearchAWS fixed webhook filter misconfigurations in CodeBuild that could have allowed unauthorized repository access. No customer impact or malicious code found ...
How to Integrate Quantum-Safe Security into Your DevOps Workflow
Carl Torrence | | CI/CD pipeline security, Cloud Security, crypto-agility, cybersecurity modernization, devops security, devsecops, encryption protocols, future-proof DevOps, hybrid encryption, legacy to quantum-safe migration, post-quantum cryptography, quantum computing, quantum cybersecurity, quantum key distribution, quantum risk mitigation, quantum threats in DevOps, quantum-resistant algorithms, quantum-safe automation, quantum-safe CI/CD, quantum-safe encryption, secure DevOps workflowsThe rapid pace at which quantum computing is evolving is unprecedented, which is both good and bad news. While quantum computers can help solve complex problems at unimaginable speeds, they can also ...
Patch Management is Essential for Securing DevOps
Alexander Williams | | automated patching, automated rollbacks, canary deployments, CI gating, CI/CD pipelines, cloud-native security, continuous delivery security, CVE scanning, devops best practices, devops security, devsecops, feature flags, mean time to patch (MTTP), observability in devops, patch automation tools, patch management, runtime mitigation, SBoM, security automation, software bill of materials, software vulnerabilities, supply chain security, vulnerability discovery, vulnerability management, zero-day defense, zero-day exploitsZero-day exploits don’t wait for anyone and are one of the main reasons why the cybersecurity market will be worth a whopping $256 billion worldwide. In the current threat landscape, attackers weaponize ...
Git Services Need Better Security. Here’s How End-to-End Encryption Could Help
Tom Smith | | code security, devops security, end-to-end encryption, GitLab security, repository protection, secure development practices, Software Supply Chain SecurityA new study from the University of Sydney, UESTC, and Google introduces efficient end-to-end encryption for Git services like GitHub and GitLab. Learn how this breakthrough could secure your code repositories without ...
Worms in the Supply Chain: Shai-Hulud and the Next DevOps Reckoning
Jenn Yarnold | | artifact provenance, CI/CD security, continuous verification, credential theft, devops security, devsecops, GitHub tokens, npm malware, OIDC, pipeline security, SBoM, Secure software delivery, Shai-Hulud worm, short-lived tokens, Software Supply Chain, supply chain attackDevOps was supposed to make software delivery faster, safer and more reliable. For the most part, it has. But every so often, something nasty crawls out of the shadows and reminds us ...
The DevSecOps Career Path: What No One Tells You About Getting Started
Philip Piletic | | CI/CD security, Cloud Security, container security, developer security skills, devops security, DevOps to DevSecOps, devsecops, DevSecOps career transition, DevSecOps certifications, DevSecOps roadmap, DevSecOps skills, infrastructure as code security, OWASP Top 10, Secure software delivery, supply chain securityDevOps teams across organizations are suddenly finding themselves responsible for security with no roadmap. One day, teams are focused on deployment velocity and infrastructure automation, the next day, they're expected to understand ...
Elevating DevOps Security: Why Integrating Threat Modeling Transforms Pentesting
Akhil Mittal | | application security, devops security, pentesting, Risk-based security testing, threat modelingDo not stop at compliance — embrace threat-driven pentesting and build a security posture that is ready for the real-world threats your organization faces ...
5 Security Threats DevOps Teams Should Know
Gilad David Maayan | | application security, code scanning, devops security, devsecops, network filteringDevOps security (DevSecOps) is about breaking down silos and promoting open collaboration across teams ...
A DevOps Guide to the Language of DevSecOps
Security is increasingly important for DevOps due to the growing complexity of applications and the accelerated pace of development. As organizations adopt DevOps practices, they face new challenges in securing applications and ...
