Tag: devsecops
The DevSecOps Career Path: What No One Tells You About Getting Started
Philip Piletic | | CI/CD security, Cloud Security, container security, developer security skills, devops security, DevOps to DevSecOps, devsecops, DevSecOps career transition, DevSecOps certifications, DevSecOps roadmap, DevSecOps skills, infrastructure as code security, OWASP Top 10, Secure software delivery, supply chain securityDevOps teams across organizations are suddenly finding themselves responsible for security with no roadmap. One day, teams are focused on deployment velocity and infrastructure automation, the next day, they're expected to understand ...
Harness CEO Calls for Reimagining of CI/CD Workflows in the AI Era
Harness CEO Jyoti Bansal at an Unscripted 2025 event in New York today told attendees the time has come to reimagine how continuous integration/continuous delivery (CI/CD) platforms function in the age of ...
Oasis Security Identifies Security Weakness in Cursor AI Coding Tool
Oasis Security this week warned application developers of a security flaw in the Cursor artificial intelligence (AI) code editor developed by Anysphere, Inc. that potentially could be used to allow a maliciously ...
What Makes Vulnerability Scanning Effective in Fast-Moving DevSecOps Pipelines Today?
Emily Amanda | | application security, CI/CD security, context-aware scanning, developer-friendly security, DevOps security integration, devsecops, modern security tools, noise reduction in alerts, real-time scanning, Secure software delivery, security feedback loop, security in pipelines, software vulnerabilities, vulnerability management metrics, vulnerability scanningTraditional vulnerability scanning can’t keep pace with CI/CD. Learn how real-time, context-aware scanning reduces noise, speeds fixes, and enables secure DevSecOps at scale ...
Nominations Are Open: DevOps Dozen 2025
Alan Shimel | | agentic AI, AI in DevOps, ci/cd tools, DevOps awards, DevOps community, devops dozen, DevOps evangelist, DevOps leaders, DevOps nominations, devops tools, DevOps vendors, devsecops, generative AI, golden paths, internal developer platforms, observability solution, platform engineering, Predict 2026, Software Supply Chain Security, SRE, TechStrongThe DevOps Dozen 2025 awards are open. Celebrate community leaders and tools shaping DevOps, from AI to platform engineering and supply chain security ...
Survey Surfaces Raft of AI Coding Issues Involving Embedded Systems
Mike Vizard | | AI coding assistants, AI security risks, AI-generated code vulnerabilities, Black Duck Software survey, C++ embedded programming, Censuswide research, cybersecurity for embedded systems, developer vs management perspectives., devsecops, embedded systems security, open source AI models, open source license compliance, Python in embedded systems, Software Bill of Materials (SBOM), software composition analysis (SCA)A new survey of 785 development and security professionals reveals that 89% of organizations are using AI coding assistants for embedded systems, but concerns over security, licensing risks, and governance remain. Python ...
Coding at the Speed of AI: Innovation, Vulnerability, and the GenAI Paradox
John Trest | | AI code review, AI Governance, AI hallucinations, AI in DevOps, AI in software development, AI security best practices, AI-generated code vulnerabilities, ChatGPT, cross-site scripting, developer training, devsecops, EU AI Act, GenAI security risks, generative AI, GitHub Copilot, hardcoded credentials, insecure deserialization, Log4Shell AI reproduction, Replit Ghostwriter, secure coding, U.S. Executive Order 14110Generative AI accelerates software delivery but also reintroduces vulnerabilities, making secure coding practices, oversight, and developer training essential for safe adoption ...
Qwiet AI Extends Microsoft Support in Platform for Fixing Vulnerabilities
Mike Vizard | | AI agents, AI coding tools, application security, AutoFix, Azure Boards, Azure DevOps, devsecops, github, SARIF, SAST, software security, Swift, vulnerability remediationQwiet AI extends its AI-driven application security platform with deeper Microsoft DevOps integrations, enhanced automation, and expanded AutoFix capabilities to proactively remediate code vulnerabilities ...
The EU’s Cyber Resilience Act: Redefining Secure Software Development
The European Union's Cyber Resilience Act (CRA) marks a turning point for anyone building, selling, or maintaining digital products. Whether it’s enterprise software, consumer apps, IoT devices, or embedded systems, the CRA ...
John Willis: The True North of DevOps and DevSecOps
Over the last 14-plus years of my journey through DevOps, I’ve had the good fortune to meet some of the smartest, most generous, most forward-thinking people in our industry. It’s one of ...
Tackling the DevSecOps Gap in Software Understanding
When I first read the recent article from CISA titled "Tackling the National Gap in Software Understanding," I had the same reaction I imagine many of you did: Well, of course this ...
White Paper: The Future of DevSecOps in a Fully Autonomous CI/CD Pipeline
Abstract The growing complexity of modern software development and the increasing speed at which organizations need to deliver software have led to the widespread adoption of DevOps practices, particularly continuous integration/continuous deployment ...
