Harness today made generally available an Artifact Registry it has added to its portfolio of DevOps tools and platforms. At the same time, Harness also revealed it has added a Dependency Firewall to the registry that enables DevSecOps teams to enforce controls at the point of ingestion. Rather than relying on downstream scans after a […]
What is OPA (Open Policy Agent)?
Open Policy Agent (OPA) is a versatile policy engine designed to handle policy enforcement across cloud infrastructures. It enables users to define and apply policies consistently across a variety of systems, helping maintain security and compliance in dynamic environments. In my view, OPA represents a significant step forward for cloud infrastructure. From experience, unless a […]
Kong Adds MCP Support to Tool for Designing and Testing APIs
Kong Inc. has integrated Model Context Protocol (MCP) support into Insomnia 12, enabling DevOps teams to design, test, and secure MCP clients and servers for AI-driven APIs—reducing misconfigurations and enhancing compliance in rapidly evolving AI environments.
JFrog Extends Alliance With NVIDIA to Secure AI Software Supply Chain
JFrog and NVIDIA today announced they have expanded the integrations between their software development platforms to now include the Enterprise AI Factory, a set of frameworks and blueprints for building artificial intelligence (AI) applications. As a result, software artifacts created using the NVIDIA Enterprise AI Factory can be housed in the JFrog Software Supply Chain […]
RBAC For Your CI/CD Pipeline: Why and How
By implementing RBAC in your CI/CD pipeline, you can help ensure secure and efficient operations.
Watching the Watchers: Solving the Problem of Meta-Permissions
The move to the cloud and microservices has introduced new challenges in managing permissions. Software has been broken down into small, independently-deployable microservices, each with its own unique set of permissions. These permissions make it excruciatingly hard to ensure and track correct access. While this technological shift is challenging, it pales in comparison to the […]
15 DevSecOps Best Practices
DevOps is all about speed, agility and collaboration. But when it comes to security, DevOps teams often face unique challenges. From securing the application development process to protecting production environments, DevOps and DevSecOps teams need to be aware of a variety of potential security risks. To help you stay ahead of the curve, we’ve compiled […]