Sign up for our newsletter!
Stay informed on the latest DevOps news

DevOps.com

Tag: devsecops

Minimus Adds VEX Support to Managed Hardened Images Service

Minimus Adds VEX Support to Managed Hardened Images Service

| | application security, devsecops, Kubernetes security, Minimus
Minimus has extended its managed service for providing application developers with hardened images to include support for the Vulnerability Exploittability eXchange (VEX) format used to share data across multiple application security tools ...
shift-left, developers, cloud security shift left

“Shove Left” – Dumping Downstream Tasks Onto Developers – A Recipe for Failure

| | Change Developer, database, devops, devsecops, shift left
Beware the "Shove Left" anti-pattern. Simply dumping downstream tasks onto developers without changing the system is a recipe for burnout, inefficiency and failure ...
trends, sustainabilty, devops trends, application, modernization, DevOps, AI, trends JFrog platform

Emerging DevOps Trends: Security, Scalability and Sustainability

| | DevOps trends, devsecops, Scalability in DevOps, Sustainability in DevOps
As DevOps continues to grow, rapid changes such as security, scalability and sustainability are at the forefront of these changes ...
AI, code, Amazon, amazon Q, secure devops, AI, AI shift left Jit Rezilion DevSecOps Shifting Left and Static Code Analysis with Perforce

When AI Assistants Turn Against You: The Amazon Q Security Wake-Up Call

| | ai, Amazon, code, devsecops
Amazon Q coding assistant was compromised with malicious prompts designed to wipe AWS accounts. What this near-miss teaches us about AI security ...
sentry, Wiz, Veracode, ASPM,

Veracode Allies with Wiz to Bring More Context to DevSecOps Workflows

| | ASPM, devsecops
Veracode today revealed an alliance through which it will integrate its application security posture management (ASPM) platform with the cloud native application protection platform from Wiz ...
Kusari Adds AI Security Tool to Inspect Code as Pull Requests Are Made

Kusari Adds AI Security Tool to Inspect Code as Pull Requests Are Made

| | ai, application development, devsecops, Kusari
Kusari has added an artificial intelligence (AI) tool that runs a security risk assessment every time an application developer makes a pull request. Company CTO Mike Lieberman said Kusari Inspector is designed ...
DevSecOps, security, Gitlab, CI/CD, ArmorCode, AI, Veracode, risk, devsecops, AI, security, developers, organizations, code, SBOMs, DevSecOps

Why DevSecOps Isn’t a Thing Yet

| | devops, devsecops, maintainability, security
One of the biggest obstacles to DevSecOps adoption is the cultural gap between development, security, and operations teams ...
AWS Extends Cloud Security Reach to Include DevSecOps Tools to Scan Code

AWS Extends Cloud Security Reach to Include DevSecOps Tools to Scan Code

| | Amazon Inspector, AWS, Cloud Security, devsecops
Amazon Web Services (AWS) this week made Amazon Inspector, a code scanning tool for surfacing vulnerabilities that is designed to be natively integrated with GitHub and GitLab platforms, generally available. Announced at ...
business, devops,

Merging Business Logic and DevOps

| | automation, CI/CD pipeline, compliance, devops, devsecops, it
Bridging the gap between DevOps and business logic means product and application owners should map out business outcomes and then embed them in DevOps pipelines ...
security, speed, DevOps

How to Embed Security Into Enterprise DevOps Pipelines

| | DevOps pipeline, devsecops, Enterprise DevOps Security
DevOps without security is just speed with risk. Now is the time to shift left, automate smart and build security into everything.  ...
JFrog, NVIDIA, DevSecOps, security, SAST, DevSecOps, Tidelift, GenAI, software, security, devsecops, AI, AISecOps Digital.ai transformation DevOps security mobile DevSecOps Dynatrace Extends Reach of Application Security Module

JFrog Extends Alliance With NVIDIA to Secure AI Software Supply Chain

| | ai, devsecops, RBAC, security
JFrog and NVIDIA today announced they have expanded the integrations between their software development platforms to now include the Enterprise AI Factory, a set of frameworks and blueprints for building artificial intelligence ...
DevEx Got You This Far: What’s Next for True DevSecOps Maturity?

DevEx Got You This Far: What’s Next for True DevSecOps Maturity?

| | developer experience, devops, devsecops, software development
The journey toward integrating security into the fast-paced world of DevOps has seen significant strides, largely thanks to a much-needed focus on the developer experience (DevEx).  Collectively, the AppSec community and industry ...
Show More