Tag: devsecops
How to Source Vulnerability Data for True DevSecOps
Open source comes with code vulnerabilities that must be considered in the DevOps process The war between open source and “only proprietary code” is long over. Open source won the day by ...
ShiftLeft Brings Security Workflows to DevOps Processes
ShiftLeft has updated its NextGen Static Analysis (NG SAST) tool to include workflows that are purpose-built for developers. Company CEO Manish Gupta said the security workflows are designed to make it easier ...
Snyk Report Finds Decline in Open Source Vulnerabilities
Snyk, a provider of tools for discovering and remediating vulnerabilities in open source code, today published a report that finds the number of new vulnerabilities discovered in open source software packages has ...
SaltStack Looks to Automate DevSecOps Processes
SaltStack announced today it has integrated its automation framework with a variety of third-party security platforms to further the adoption of best DevSecOps processes. Mehul Revankar, director of product management for SaltStack, ...
The Secret to Winning at DevOps: Are You Up for the Challenge?
Sam Bocetta | | automation, developers, DevOps practices, devops teams, devsecops, IT operations, sdlcThe main idea behind DevOps is to enable companies to keep up with the increased software velocity and advancements in agile culture for a smoother end-to-end software delivery cycle. The main goal ...
Participate in the Checkmarx 2020 Survey
Veronica Haggar | | appsec, automation tools, Checkmarx, devops, DevOps Survey, devops tools, devsecops, security tools, software developmentCheckmarx, the global leader in software security solutions for modern enterprise software development, and DevOps.com are conducting a survey about the implementation of DevOps and related automation and security tools. The purpose ...
What Developers Really Think About Pentesting
Matias Madou | | dev teams, developers, devsecops, penetration testing, pentester, pentesting, SAST, static analysis, static analysis scanning toolsA developer in their natural habitat is often spotted in a state of deep concentration, coding awesome features to tight deadlines. Feature-building is often our favorite part of the job, and really, ...
Why DevOps and Federal Agencies Need Each Other
Lauren Strayhorn | | change management, devops, devsecops, federal agencies, Remote work, tech industryIn times of crisis, the U.S. government needs to bring in tech tools fast to help solve the problem. First, now is a vulnerable time and weaknesses are exposed in telework infrastructure ...
GitLab Adds Fuzz Testing to DevSecOps Toolbox
GitLab today announced it has acquired Peach Tech, a provider of protocol fuzz testing and dynamic application security testing (DAST) API testing tools, and Fuzzit, a continuous fuzz testing tool, as part ...
3 DevOps Security Best Practices Your Organization Can’t Afford To Ignore
Alexey Klochay | | CI/CD, DAST, devsecops, Dynamic Application Security Testing, GitLeaks, SAST, secure pipeline, Static Application Security TestingCI/CD pipelines are at the core of daily operations for many businesses today. These processes, when set up correctly, help to keep the delivery process consistent by automating many manual tasks and ...
DevSecOps vs. Agile Development: Putting Security at the Heart of Program Development
Sam Bocetta | | agile development, CI/CD, continuous delivery, continuous integration, Department of Defense, devsecops, DoD, software securityDespite most developers and managers being well aware of the concept of DevSecOps, it is still often confused with a number of related processes and concepts. This is particularly true for the ...
How DevOps Powered by AI and Machine Learning Is Delivering Business Transformation
Kevin Dallas | | ai, artificial intelligence, devsecops, digital transformation, digitization, machine learningThe use of artificial intelligence (AI) and machine learning (ML) is fundamentally changing the way we think about DevOps. Most notably, it is delivering a new form of DevOps that recognizes the ...
