Sign up for our newsletter!
Stay informed on the latest DevOps news

staging-devopsy.kinsta.cloud

Cycode Leverages eBPF to Secure CI/CD Pipelines

by

Cycode today added a Cimon extension to its application security platform that uses extended Berkeley Packet Filtering (eBPF) to thwart cyberattacks against continuous integration/continuous delivery (CI/CD) pipelines. Alex Ilgayev, head of security research for Cycode, said Cimon uses eBPF to inspect network connections, running processes and file modifications within a pipeline to learn standard behaviors. […]

Snyk to Add ASPM Platform via Enso Security Acquisition

by

Snyk this week announced it plans to acquire Enso Security, a provider of an application security posture management (ASPM) solution that tracks events and analyzes metadata collected from DevOps and security tools. At the same time, Snyk revealed it has added a DeepCode AI Fix tool that creates validated fixes for code written by either […]

DigiCert Allies With ReversingLabs to Secure Software Supply Chains

by

DigiCert today announced it has allied with ReversingLabs to integrate binary analysis and threat detection capabilities with a code signing service it provides. Deepika Chauhan, chief product officer for DigiCert, said the addition of these capabilities to the DigiCert Software Trust Manager service would make it simpler for organizations to operationalize a methodology for securing […]

Checkmarx Brings Generative AI to SAST and IaC Security Tools

by

Under an early access program, Checkmarx today made available query builder and guided automation tools that take advantage of OpenAI’s generative artificial intelligence (AI) technologies to make it simpler for developers to resolve application security issues. AI Guided Remediation surfaces actionable remediation recommendations for vulnerability issues such as misconfigurations directly from within integrated development environments […]

GitLab Adds More AI and Cybersecurity Capabilities to CI/CD Platform

by

GitLab this week delivered an update to its continuous integration/continuous delivery (CI/CD) platform that adds additional generative artificial intelligence (AI) and cybersecurity capabilities. The GitLab 16 release included cybersecurity capabilities such as centralized policy management, expanded compliance reports and controls, compliance dashboards and default Level 3 attestation for the supply-chain levels for software artifacts (SLSA) […]

Red Hat Moves to Secure Software Supply Chains

by

Red Hat today announced a portfolio of cloud services designed to better secure software supply chains. The expanded portfolio includes Red Hat Trusted Application Pipeline to secure continuous integration/continuous delivery (CI/CD) workflows and Red Hat Trusted Content offerings to better secure software components. Announced at the Red Hat Summit, the Red Hat Trusted Software Supply […]

Five Great DevOps Job Opportunities

by Leave a Comment

staging-devopsy.kinsta.cloud is now providing a weekly DevOps jobs report through which opportunities for DevOps professionals will be highlighted to better serve our audience. Our goal in these challenging economic times is to make it easier for DevOps professionals to advance their careers. Of course, the pool of available DevOps talent is still relatively constrained, so […]

AWS Converts Cedar Policy-as-Code Tool to Open Source Project

by Leave a Comment

At the Open Source Summit North America conference today, Amazon Web Services (AWS) announced it is making Cedar, a language for defining permissions as policies that includes automated reasoning to mathematically prove an IT environment is secure, available as an open source project. In addition, AWS launched SnapChange, an open source fuzz testing tool that […]

GitGuardian Survey Surfaces Secrets Management Challenges

by Leave a Comment

A survey of 507 IT decision-makers in the U.S. and the United Kingdom published today found 75% of respondents said a secret leaked from at least one application, with 60% noting that the leak caused issues for either the company, employees or both. Conducted by Sapio Research on behalf of GitGuardian, a provider of a […]

ReversingLabs: Increased Focus on Software Supply Chain Security

by Leave a Comment

A global survey of 300 global executives, technology and security professionals found software containing vulnerabilities (82%) followed by secrets leaked through source code (55%), malicious code (52%) and suspicious code (46%) posed a serious risk to the business. Conducted by Dimensional Research on behalf of ReversingLabs, a provider of a platform for securing software supply […]