AI coding agents are reshaping software development—but they’re also expanding the attack surface. Researchers uncovered a now-patched vulnerability in Anthropic’s Claude Code GitHub Action that could have enabled prompt injection attacks to expose CI/CD secrets, API keys, and credentials. As AI agents gain autonomy in development workflows, organizations must treat untrusted inputs as hostile and rethink CI/CD security models. Natural language is becoming executable code—and attackers know it.
The Silent Risk of AI-Written DevOps Pipelines
These days, when a developer needs a CI/CD pipeline, they don’t always dive into GitHub Actions docs or spin up Jenkins from scratch. Instead, they pull up an AI assistant and type out something like: “Create a deployment pipeline for a containerized application.” Seconds later, the AI spits out a complete workflow. It looks polished. […]
Regression Testing Tools in the Age of AI-Assisted Development: What Has Changed
For most of the past decade, the conversation around regression testing tools was fairly stable. The tools got faster, the integrations got smoother, and the underlying approach stayed largely the same: write tests, run them in CI, fix failures. The fundamental model did not change much because the problem did not change much. AI-assisted development […]
AI Agents in CI/CD Pipelines: Speed vs Control in Modern DevOps
The moment you push your code, deployment fires off on its own. The pipeline kicks in, the tests sail through, and within a few minutes your app is live in production. There is no manual sign-off and no one scanning through the final changes. Everything is running on the decisions of an AI agent plugged […]
The Great Decoupling: Scaling the Outer Loop for the Agentic Era
The “Inner Loop” of software development—the iterative cycle of writing, building, and debugging code—has just broken the sound barrier. With the emergence of agentic coding tools like Claude Code and GitHub Copilot Workspace, the developer experience has undergone a fundamental shift. Developers are no longer merely tab-completing snippets; they are orchestrating agents that generate entire […]
AI Agents in DevOps: Hype vs. Reality in Production Pipelines
The demos look super cool! An AI agent detects a failing deployment, rolls it back, opens a GitHub issue, and notifies Slack — all before the on-call engineer has finished reading the alert. If you’ve been following the DevOps tooling space over the last 18 months, you’ve probably seen some version of this pitch. But […]
Agentic CI/CD is Not Automation: Why the Distinction Will Define DevOps in 2026
There is a dangerous conflation happening across our industry right now. Teams are plugging LLM-powered agents into their deployment pipelines, calling it “agentic CI/CD,” and treating it as the next logical step after shell scripts and Terraform modules. It is not. Automation executes predefined instructions. An agent reasons about context, makes decisions, and takes actions […]
Is Your AI Agent Secure? The DevOps Case for Adversarial QA Testing
Adversarial QA testing helps validate AI agents under real-world conditions, exposing risks like prompt injection and logic failures.
Akuity Adds Ability to Customize Kargo Pipelines
Akuity this week at the KubeCon + CloudNativeCon Europe conference revealed it has added an ability to customize the steps used to promote applications into a production environment using a Kargo orchestration engine it developed to manage software using a GitOps workflow. Company CEO Hong Wang said the Custom Steps capability added to Kargo will […]
Harness Extends AI Security Reach Across Entire DevOps Workflow
Harness today added an ability to automatically secure code as it is being written by an artificial intelligence (AI) coding tool in addition to adding a module to its DevOps platform that discovers, tests, and protects AI components within applications. Secure AI Coding is an extension of the static application security testing (SAST) and software […]









