In today’s rapidly developing software world, security cannot be an afterthought. DevSecOps, the integration of security practices into every phase of DevOps, requires continuous monitoring and actionable insights to detect and mitigate threats effectively. Observability plays an essential role in this ecosystem by providing deep visibility into the security posture of the development process, enabling […]
Attackers Testing New Strain of Shai-Hulud on npm: Aikido
Threat actors behind the virulent Shai-Hulud worm that wreaked havoc in open npm repositories toward the end of 2025 apparently are trying out a new strain that comes with slight modifications. Security researchers with Aikido Security, who have been tracking Shai-Hulud for months, wrote in a report that was updated January 2 that there doesn’t […]
Surprise! Everybody Uses AI Tools for Software Development, Few Do So Securely
AI is generating code faster than teams can secure it, widening software supply chain risk and exposing major gaps in AppSec and governance.
Crates.io Removes Malicious Rust Package Targeting Web3 Developers
A malicious Rust package that was found to be downloading payloads aimed at stealing cryptocurrency was removed from the crates.io Rust package registry, along with another package by the same author that appeared benign but was dependent on the first. The crates.io team removed both packages this week after security researchers with Socket alerted it […]
It’s Time to Rethink Access Control for Modern Development Environments
As development environments evolve at breakneck speed, our approach to securing them remains stuck in the past. I’ve watched countless organizations implement robust Identity and Access Management (IAM) solutions, deploy Identity Governance and Administration (IGA) tools, and then breathe a collective sigh of relief, believing they’ve solved their access control challenges. But have they? An […]
What Fuels AI Code Risks and How DevSecOps Can Secure Pipelines
Modern development teams are under constant pressure to deliver fast, innovate continuously, and stay clear of security threats; all at the same time. Every new feature, every accelerated release, carries the hidden risk of introducing vulnerabilities that can slip past traditional check points. Even the most seasoned developers can unknowingly leave gaps that put applications […]
How Cybersecurity Teams Can Work Better with DevOps
DevOps teams move fast, but security can lag without the right approach. Often, cybersecurity and DevOps teams work separately, and that could lead to problems. To fix this, organizations must shift from viewing security as a checkpoint to embedding it in DevOps at every step. This article explores how to infuse security in DevOps from […]
Survey Surfaces Rising Tide of Vulnerabilities in Code Generated by AI
A survey of 450 IT professionals in the U.S. and Europe finds 69% of organizations have discovered vulnerabilities in code generated by artificial intelligence (AI) tools, with 20% reporting there has been a serious incident as a result. Conducted by Sapio Research on behalf of Aikido Security, a provider of a platform of discovering vulnerabilities […]
The Silent Technical Debt: Why Manual Remediation Is Costing You More Than You Think
Manual vulnerability remediation drains time, innovation, and security. Learn how intelligent remediation eliminates hidden technical debt and accelerates DevSecOps.
Survey Surfaces Widespread Adoption of AI to Improve DevSecOps
A global survey of 1,015 IT professionals with responsibility for application security finds more than three quarters (77%) are using artificial intelligence (AI), with another 13% considering adoption. Conducted by Fastly, a provider of a content delivery network (CDN) service, the survey also finds 25% of survey respondents using AI have fully integrated into their […]
- « Previous Page
- 1
- 2
- 3
- 4
- 5
- 6
- …
- 113
- Next Page »