Skip to main content
← All Tags

devsecops

14 articles in this category

AI NewsDevSecOpsContainer Security

Securing Cloud-Native Workloads: Insights from Docker and Kubernetes Security

Docker and Kubernetes Security named a finalist for Best DevOps Book of the Year at the DevOps Dozen 2025 awards.

Read more
AI NewsSecurityDevSecOps

Solving the Zero-Trust Paradox: Ennote's Zero-Persistence Architecture for Secret Management

Ennote introduces a Zero-Persistence vault using Kyber-1024 and X25519 to enable sub-second Kubernetes secret syncing without breaking enterprise RBAC.

Read more
AI NewsSecurityDevSecOps

Building a Real-Time Anomaly Detection Engine for Cloud Storage Security

Learn how a Python daemon uses Z-score statistical analysis to detect and block malicious traffic in real-time using Linux iptables.

Read more
AI NewsDevSecOpsSoftware Engineering

Security as a Delivery Accelerator: Insights from the 2025 DORA Report

The 2025 DORA report highlights that AI productivity gains are neutralized by security bottlenecks, requiring pervasive security to accelerate delivery.

Read more
AI NewsInfrastructure as CodeDevSecOps

Securing Terraform Infrastructure with a Single REST API Call

TerraGuard provides a REST API for static analysis of Terraform HCL to detect security misconfigurations and hardcoded secrets without local installation requirements.

Read more
AI NewsCloud CybersecurityDevSecOps

Tenable and OX Integrate CNAPP with Code Analysis to Accelerate Cloud Remediation

Tenable and OX Security bridge the gap between production risk and source code by linking cloud vulnerabilities to specific developers and commit histories.

Read more
AI NewsDevSecOpsSecurity Engineering

Securing Local Environments with HashiCorp Vault Radar

HashiCorp Vault Radar proactively detects unmanaged secrets and PII to prevent multi-million dollar data leaks during local development and Git syncs.

Read more
AI NewsAI SecurityDevSecOps

Securing LangChain Apps against NIST AI RMF: A DevSecOps Architect's Guide

Learn to secure LangChain applications against data poisoning and backdoors using the NIST AI RMF and TradeApollo ShadowScout's air-gapped vulnerability scanning engine.

Read more
AI Newsdevsecopslinux

Reframing Linux Security: A DevSecOps Bootcamp Experience

Linux security reframed through DevSecOps lens

Read more
AI NewsCybersecurityDevSecOps

Why Secrets in JavaScript Bundles are Still Being Missed

Scanning 5M apps uncovered 42K exposed secrets in JavaScript bundles, highlighting shortcomings in current SAST and DAST practices.

Read more
AI NewsCloud SecurityDevSecOps

AWS CodeBuild Misconfiguration Exposed GitHub Repos to Potential Supply Chain Attacks

A misconfigured AWS CodeBuild webhook allowed bypass of actor ID checks, exposing four AWS GitHub repositories to potential takeover before fixes in September 2025.

Read more
AI NewsDevSecOpsSecurity

Top 10 DevSecOps Tools Dominating 2026: Secure Your Pipeline Like a Pro

This article details the top 10 DevSecOps tools for 2026, emphasizing the shift towards proactive security and AI-driven vulnerability management.

Read more
AI NewsCybersecurityDevSecOps

Stop Secrets Creep Across Developer Platforms

Dark Reading Confidential Episode 13 reveals a 23 million exposed secrets in the public space in the last year, highlighting the growing risk of developer-exposed sensitive information.

Read more
AI Newsdevsecopscontainers

Idempotent Dockerfiles: Desirable Ideal or Misplaced Objective?

Idempotent Dockerfiles are often overemphasized; immutable artifacts and CI rebuilds provide greater operational value.

Read more