Where the world meets DevOps Wed, 18 Sep 2024 23:13:15 +0000 en-US hourly 1 https://devops.com/wp-content/uploads/2021/10/android-chrome-256x256-1-130x130.png 32 32 144979424 https://devops.com/automating-web-application-security-testing-to-combat-cyber-threats/ Wed, 18 Sep 2024 14:31:43 +0000 https://devops.com/?p=173012 Despite the hundreds of exposed web applications and APIs in our attack surfaces, many assets remain dangerously untested and vulnerable to cyberattacks.]]> 173012 https://devops.com/the-software-extinction-event-that-wasnt/ Sat, 03 Aug 2024 00:09:21 +0000 https://devops.com/?p=172141 The world may have just avoided a cybersecurity disaster, with potential impact of CrowdStrike x1000.  Imagine if the world’s most pervasive programming language, used in the majority of organizations, services, websites and infrastructure today, was itself made to be malicious? Cybersecurity researchers from JFrog recently discovered a GitHub Personal Access Token in a public Docker […]]]> 172141 https://devops.com/the-risks-of-the-cloud-oligopoly/ Fri, 26 Jul 2024 09:17:45 +0000 https://devops.com/?p=171965 The cloud oligopoly, insofar as it stifles competition, represents a potentially overlooked area in which businesses must assess their supply chain commitments.]]> 171965 https://devops.com/devsecops-5-tips-for-developing-better-safer-apps/ Thu, 21 Mar 2024 11:30:07 +0000 https://devops.com/?p=169142 DevSecOps requires teams to collaborate and enable the organization to deliver safer applications to customers without compromising security.]]> 169142 https://devops.com/avoiding-mistakes-in-multi-cloud-configurations/ Fri, 27 Oct 2023 12:30:06 +0000 https://devops.com/?p=166259 Knowing how to configure multiple clouds mistake-free is essential to keep the promise of multi-cloud alive.]]> 166259 https://devops.com/synopsys-taps-nowsecure-and-secure-code-warrior-to-improve-devsecops/ Fri, 18 Aug 2023 17:37:14 +0000 https://devops.com/?p=164248 Synopsys has partnered with NowSecure and Secure Code Warrior to help organizations improve DevSecOps best practices.]]> 164248 https://devops.com/communicating-common-web-app-security-threats-to-developers/ Fri, 14 Jul 2023 12:30:05 +0000 https://devops.com/?p=162796 Shift left involves providing developers with the context they need to prioritize and remediate threats appropriately.]]> 162796 https://devops.com/bionic-extends-application-security-posture-management-platform/ Wed, 28 Jun 2023 20:58:07 +0000 https://devops.com/?p=162501 Bionic this week added a pair of tools to its application security posture management (ASPM) platform that make it simpler to triage threats based on severity and attach a risk score. Josh Cho, senior director of global systems engineering at Bionic, said the Bionic Signals and Business Risk Scoring tools ingest data from third-party security […]]]> 162501 https://devops.com/how-to-empower-devsecops-in-a-complex-multi-cloud-landscape/ Fri, 23 Jun 2023 12:30:38 +0000 https://devops.com/?p=162264 Organizations are embracing cloud-based application delivery for speed of delivery and scale. However, the proliferation of multi-cloud systems to access and maximize the cloud’s capabilities is driving complexity in IT environments. Many organizations do not consider how multi-cloud adoption is expanding their attack surface—and the risk is growing: The 2023 CrowdStrike Global Threat Report found […]]]> 162264 https://devops.com/gitlab-adds-more-ai-and-cybersecurity-capabilities-to-ci-cd-platform/ Fri, 26 May 2023 12:21:08 +0000 https://devops.com/?p=161471 GitLab this week delivered an update to its continuous integration/continuous delivery (CI/CD) platform that adds additional generative artificial intelligence (AI) and cybersecurity capabilities. The GitLab 16 release included cybersecurity capabilities such as centralized policy management, expanded compliance reports and controls, compliance dashboards and default Level 3 attestation for the supply-chain levels for software artifacts (SLSA) […]]]> 161471