https://devops.com/category/blogs/devsecops/ Where the world meets DevOps Tue, 17 Dec 2024 17:53:18 +0000 en-US hourly 1 https://devops.com/wp-content/uploads/2021/10/android-chrome-256x256-1-130x130.png https://devops.com/category/blogs/devsecops/ 32 32 144979424 https://devops.com/sonar-acquires-tidelift-to-extend-devsecops-reach-into-open-source-software/ Tue, 17 Dec 2024 17:53:18 +0000 https://devops.com/?p=174700 Sonar today revealed it has agreed to acquire Tidelift to gain access to third-party open-source code that it plans to integrate into its static code analysis tools.]]> 174700 https://devops.com/defectdojo-adds-ability-to-normalize-devsecops-data-to-aspm-platform/ Tue, 10 Dec 2024 14:30:28 +0000 https://devops.com/?p=174484 DefectDojo today added a universal parser to its application security posture management platform (ASPM) that makes it possible to normalize data ingested from any DevSecOps tools and platforms that expose data in a JSON or XML format.]]> 174484 https://devops.com/how-an-effective-appsec-program-shifts-your-teams-from-fixing-to-building/ Mon, 02 Dec 2024 13:55:48 +0000 https://devops.com/?p=174365 Development teams are under growing pressure to build cutting-edge applications with shorter development lifecycles. However, they are often slowed down by the growing burden of fixing security vulnerabilities. Ineffective application security processes mean these teams can spend more time firefighting than building, diverting focus from their primary objective: Delivering innovative, high-performance software. Yet, healthy security […]]]> 174365 https://devops.com/microsoft-enlists-endor-labs-to-integrate-sca-tool-with-cnapp/ Mon, 25 Nov 2024 13:59:40 +0000 https://devops.com/?p=174306 Microsoft has tapped Endor Labs to incorporate a software composition analysis (SCA) tool into its cloud-native application protection platform (CNAPP).]]> 174306 https://devops.com/checkmarx-extends-devsecops-reach-to-repository-security-and-secrets-discovery/ Thu, 21 Nov 2024 17:27:33 +0000 https://devops.com/?p=174263 Checkmarx this week extended the scope of its ability to protect software supply chains with tools that access how secure a repository is and find where application secrets have been shared in a way that is not secure. Ori Bendet, vice president of product management for Checkmarx, said the Repository Health and Secrets Detection tools […]]]> 174263 https://devops.com/four-steps-to-balance-agility-and-security-in-devsecops/ Wed, 06 Nov 2024 13:17:55 +0000 https://devops.com/?p=174060 Balancing agility and security in DevSecOps is achievable with the right mix of automation, collaboration and continuous feedback. By embedding security into agile processes, organizations can deliver software that is both fast and secure, meeting the demands of today’s fast-paced tech environment. ]]> 174060 https://devops.com/update-to-open-source-whiterabbitneo-project-brings-smarter-ai-to-devsecops/ Wed, 23 Oct 2024 13:00:08 +0000 https://devops.com/?p=173738 Kindo today revealed that WhiteRabbitNeo, an open-source DevSecOps platform, has been updated to take advantage of improved large language models (LLMs) that generate more accurate outputs when resolving prompts related to offensive cybersecurity, surfacing remediations for potential threats and integrating threat intelligence and vulnerability data.]]> 173738 https://devops.com/ai-will-soon-automate-devsecops-governance/ Thu, 17 Oct 2024 17:47:59 +0000 https://devops.com/?p=173617 The role cybersecurity teams play in ensuring applications are secure is about to become a lot more proactive in the age of artificial intelligence (AI).]]> 173617 https://devops.com/prime-security-to-apply-ai-guardrails-to-devsecops-workflows/ Thu, 10 Oct 2024 16:52:30 +0000 https://devops.com/?p=173484 Prime Security today emerged from stealth to make available a beta version of a platform that leverages artificial intelligence (AI) to ensure the appropriate guardrails are being followed as software is developed.]]> 173484 https://devops.com/legit-security-adds-application-security-rating-scorecards-to-aspm-platform/ Thu, 03 Oct 2024 15:45:05 +0000 https://devops.com/?p=173280 Legit Security today added an ability to rate the level of software security that has been attained to its application security posture management (ASPM) platform.]]> 173280