Sign up for our newsletter!
Stay informed on the latest DevOps news

staging-devopsy.kinsta.cloud

Tag: pipeline security

supply chain, software, Checkmarx, data, Endor, SCA, supply chain, security, workflows, supply chain, software, supply chain security, appsec, polyfill, software, supply chains, DevOps, DevSecOps, Google supply chain

Worms in the Supply Chain: Shai-Hulud and the Next DevOps Reckoning

| | artifact provenance, CI/CD security, continuous verification, credential theft, devops security, devsecops, GitHub tokens, npm malware, OIDC, pipeline security, SBoM, Secure software delivery, Shai-Hulud worm, short-lived tokens, Software Supply Chain, supply chain attack
DevOps was supposed to make software delivery faster, safer and more reliable. For the most part, it has. But every so often, something nasty crawls out of the shadows and reminds us ...
crowdtesting New Relic testing Applause DevOps DAST Applause testing

Shift Left With DAST: Dynamic Testing in the CI/CD Pipeline

| | application security, CI/CD, continuous testing, DAST, pipeline security
By focusing on application security like an attacker would, DAST can discover potential security threats that static testing methods might miss ...
DevSecOps ZeroNorth

3 Must-Haves When Implementing DevSecOps

| | application security, CI/CD, devsecops, pipeline security, secure code DevSecOps
The term DevSecOps is already more than a dozen years old. DevOps—the practice of combining software development with IT operations to deploy applications faster—was first coined in 2008 and refined in a ...
phishing Java pillar one DevSecOps No More Hot Potato: How Collaboration is Key in Application Security

What to Expect When Transitioning to DevSecOps

| | CI/CD, devsecops, pipeline security, secure coding
How do you ensure your DevOps pipeline is secure? Does DevSecOps protect you against serious breaches or is it just a way to allay the concerns of stakeholders about security in DevOps? ...
Cycloid, stacks, workflows. DevOps, transformation, workflow Automation Apache Hop

A Blueprint for Securing Software Development

| | CI/CD, custom software development, devsecops, pipeline security, secure coding
Software development has changed dramatically in recent years, as technologies like DevOps, application containers, and cloud-native transform how software is built and distributed. Unfortunately, attackers have been paying close attention to these ...