Tag: security automation
Agentic DevSecOps: AI Security Co-Pilots for Your CI/CD Pipeline
Joydip Kanjilal | | agentic AI, AI copilots, AI Governance, AI incident response, AI pipeline management, AI security, AI security agents, AI threat detection, AI vulnerability scanning, AI-driven security, AI-powered DevSecOps, application security, autonomous AI agents, autonomous security testing, CI/CD security, Cloud Security, continuous security monitoring, cybersecurity automation, devops security, devsecops, devsecops automation, infrastructure security, intelligent automation, real-time threat intelligence, SDLC security, Secure software delivery, security automation, security operations, security orchestration, security posture management, software development lifecycle, software security, threat remediationThe emergence of AI has brought endless possibilities and innovative opportunities in today’s ever-changing, fast-paced technology landscape. AI is helping development teams produce software significantly faster than ever before. AI-enabled DevSecOps tools ...
Why Most DevSecOps Pipelines Fail at Runtime Security (not Build Time)
Nazim Ghori | | configuration drift, Continuous integration (CI/CD), DevSecOps pipelines, Infrastructure as Code (IaC), runtime security, security automationRuntime risk refers to security exposure caused by configuration, identity or infrastructure changes after deployment ...
Rein Security Emerges to Analyze Reachability of Application Vulnerabilities
Mike Vizard | | AI-generated vulnerabilities, API security, application security, continuous vigilance, devsecops, funding, Matan Bar Efrat, performance overhead, security automation, software development, software security testing, vulnerability managementRein Security has emerged from stealth to launch an application security platform capable of determining the reach of a vulnerability based on which libraries and application programming interfaces are actually running in ...
How Cybersecurity Teams Can Work Better with DevOps
Samuel Ogbonna | | CI/CD, cloud security best practices, cyber security, devsecops, security automationDevOps teams move fast, but security can lag without the right approach. Often, cybersecurity and DevOps teams work separately, and that could lead to problems. To fix this, organizations must shift from ...
Cybersecurity Laws Will Shape the Future of DevOps
Alexander Williams | | auditability, CI/CD compliance, CISA, compliance-as-code, compliance-driven DevOps, cybersecurity compliance frameworks, cybersecurity regulation, DevOps accountability, devsecops, Executive Order 14028, global cybersecurity laws, governance in DevOps, incident disclosure, NIS2 Directive, RegOps, regulatory DevOps, SBoM, SEC breach disclosure, secure software development, secure-by-design, security automation, software liability, traceability, zero-trustFrom the EU’s NIS2 Directive to U.S. SEC breach disclosure rules, cybersecurity regulation is accelerating faster than code releases. DevOps teams must evolve into RegOps—embedding compliance, traceability, and trust directly into their ...
Patch Management is Essential for Securing DevOps
Alexander Williams | | automated patching, automated rollbacks, canary deployments, CI gating, CI/CD pipelines, cloud-native security, continuous delivery security, CVE scanning, devops best practices, devops security, devsecops, feature flags, mean time to patch (MTTP), observability in devops, patch automation tools, patch management, runtime mitigation, SBoM, security automation, software bill of materials, software vulnerabilities, supply chain security, vulnerability discovery, vulnerability management, zero-day defense, zero-day exploitsZero-day exploits don’t wait for anyone and are one of the main reasons why the cybersecurity market will be worth a whopping $256 billion worldwide. In the current threat landscape, attackers weaponize ...
The Silent Technical Debt: Why Manual Remediation Is Costing You More Than You Think
Bob Shaker | | ActiveState report, continuous remediation, cybersecurity efficiency, Dependency Management, developer productivity, devsecops, engineering performance, innovation tax, intelligent remediation, KubeCon 2025, manual remediation, Mean Time to Remediate, mttr, open source security, remediation debt, security automation, software vulnerabilities, technical debt, transitive dependencies, vulnerability managementManual vulnerability remediation drains time, innovation, and security. Learn how intelligent remediation eliminates hidden technical debt and accelerates DevSecOps ...
Code Signing in the DevOps Era: Silver Bullet or Security Theater?
Aditya Gupta | | Anomaly Detection in DevOps, CI/CD, code signing, devsecops, key management, security automation, Software Bill of Materials (SBOM), software securityIn the race for speed and automation, code signing is treated as a silver bullet when it should be just one part of a deeper trust strategy. ...
AI-Powered DevSecOps: Navigating Automation, Risk and Compliance in a Zero-Trust World
Michelle Buckner | | AI in DevOps, CI/CD pipeline security, cloud security best practices, continuous compliance, DevOps compliance, FedRAMP DevOps, GRC automation, microservices security, NIST compliance, security automationBreaking down how artificial intelligence (AI) is reshaping DevSecOps, the security pitfalls that come with it and how to balance the raw efficiency of automation with the actual realities of risk mitigation ...
Synopsys Report Sees Steady Application Security Gains
An analysis of the security automation practices of 130 organizations published by Synopsys suggests significant progress toward securing software supply chains ...
The DevOps Sweet Spot: Inserting Security at Pull Requests (Part 1)
Chetan Conikee | | devops, sdlc, security, security automation, security scans, software development lifecycleToday’s organizations are increasingly benefiting from the modernization of the software development lifecycle (SDLC), including the adoption of cloud, DevOps, Agile methodologies, containers and more. Thanks to this modernization, organizations are innovating ...
Better Apps and Better Security When You Shift Left
Tony Bradley | | app security, CI/CD, cloud, containers, devops, security, security automation, shift leftTens of thousands of people and hundreds of cybersecurity vendors descended on San Francisco at the end of April. While the RSA Conference was the primary draw, there are a number of ...
