Sign up for our newsletter!
Stay informed on the latest DevOps news

DevOps.com

Tag: devsecops

Kusari Adds AI Security Tool to Inspect Code as Pull Requests Are Made

Kusari Adds AI Security Tool to Inspect Code as Pull Requests Are Made

| | ai, application development, devsecops, Kusari
Kusari has added an artificial intelligence (AI) tool that runs a security risk assessment every time an application developer makes a pull request. Company CTO Mike Lieberman said Kusari Inspector is designed ...
DevSecOps, security, Gitlab, CI/CD, ArmorCode, AI, Veracode, risk, devsecops, AI, security, developers, organizations, code, SBOMs, DevSecOps

Why DevSecOps Isn’t a Thing Yet

| | devops, devsecops, maintainability, security
One of the biggest obstacles to DevSecOps adoption is the cultural gap between development, security, and operations teams ...
AWS Extends Cloud Security Reach to Include DevSecOps Tools to Scan Code

AWS Extends Cloud Security Reach to Include DevSecOps Tools to Scan Code

| | Amazon Inspector, AWS, Cloud Security, devsecops
Amazon Web Services (AWS) this week made Amazon Inspector, a code scanning tool for surfacing vulnerabilities that is designed to be natively integrated with GitHub and GitLab platforms, generally available. Announced at ...
business, devops,

Merging Business Logic and DevOps

| | automation, CI/CD pipeline, compliance, devops, devsecops, it
Bridging the gap between DevOps and business logic means product and application owners should map out business outcomes and then embed them in DevOps pipelines ...
security, speed, DevOps

How to Embed Security Into Enterprise DevOps Pipelines

| | DevOps pipeline, devsecops, Enterprise DevOps Security
DevOps without security is just speed with risk. Now is the time to shift left, automate smart and build security into everything.  ...
JFrog, NVIDIA, DevSecOps, security, SAST, DevSecOps, Tidelift, GenAI, software, security, devsecops, AI, AISecOps Digital.ai transformation DevOps security mobile DevSecOps Dynatrace Extends Reach of Application Security Module

JFrog Extends Alliance With NVIDIA to Secure AI Software Supply Chain

| | ai, devsecops, RBAC, security
JFrog and NVIDIA today announced they have expanded the integrations between their software development platforms to now include the Enterprise AI Factory, a set of frameworks and blueprints for building artificial intelligence ...
DevEx Got You This Far: What’s Next for True DevSecOps Maturity?

DevEx Got You This Far: What’s Next for True DevSecOps Maturity?

| | developer experience, devops, devsecops, software development
The journey toward integrating security into the fast-paced world of DevOps has seen significant strides, largely thanks to a much-needed focus on the developer experience (DevEx).  Collectively, the AppSec community and industry ...
code signing, trust, CodeRabbit, code, GenAI, Quali, Torque, code, Symbiotic, application developers, Zencoder, code, operations, code, commit, developer, mainframe, code, GenAI; code review efficiency cloud development

Code Signing in the DevOps Era: Silver Bullet or Security Theater? 

| | Anomaly Detection in DevOps, CI/CD, code signing, devsecops, key management, security automation, Software Bill of Materials (SBOM), software security
In the race for speed and automation, code signing is treated as a silver bullet when it should be just one part of a deeper trust strategy.  ...
DevOps: More Than a Buzzword—A Mindset of Continuous Evolution

DevOps: More Than a Buzzword—A Mindset of Continuous Evolution

| | CI/CD, devops, devsecops
In recent years, the term DevOps has become one of the most talked-about buzzwords in the technology world. You’ll hear it in boardroom discussions, IT conferences, job postings, and even startup meetups ...
JFrog, NVIDIA, DevSecOps, security, SAST, DevSecOps, Tidelift, GenAI, software, security, devsecops, AI, AISecOps Digital.ai transformation DevOps security mobile DevSecOps Dynatrace Extends Reach of Application Security Module

Futurum Group Survey Surfaces DevSecOps Progress on Multiple Fronts

| | devsecops, supply chain security, survey
A survey of 110 security leaders finds all are investing in software supply chain security, with application security posture management (ASPM) and DevSecOps automation and orchestration topping the priority list, followed closely ...
continuous compliance, validated, devops, liability, software, compliance Checkly Palo Alto Networks Checkov

Continuous Compliance for Cloud-Native CI/CD Pipelines

| | Audit-ready pipelines, CI/CD, cloud-native, continuous compliance, devsecops, Infrastructure as Code (IaC), policy as code, Regulatory automation
How DevOps teams can embed auditability without sacrificing delivery speed ...
DevSecOps, security, Gitlab, CI/CD, ArmorCode, AI, Veracode, risk, devsecops, AI, security, developers, organizations, code, SBOMs, DevSecOps

GitLab Extends Scope and Reach of Core CI/CD Platform

| | ai, CI/CD, devsecops, SaaS
GitLab Inc. has updated its core continuous integration/continuous delivery (CI/CD) platform to natively provide more artificial intelligence (AI) capabilities, along with built-in software artifact management capabilities and more robust security tools ...
Show More