John's Writing

DevSecOps Overview

Rapid software delivery brings enormous benefits – nimble engineering teams can iterate quickly on customer feedback, optimize time-to-market, and adapt to shifting business conditions. Companies e...

CI/CD Background & Context

This post is part of a series on DevSecOps and CI/CD security. Check out the overview for context and links to the rest of the series. This post lays the CI/CD foundation for other security-focuse...

DevSecOps: Strategy

This post is part of a series on DevSecOps and CI/CD security. Check out the overview for context and links to the rest of the series. This post focuses on DevSecOps strategy, covering: Strateg...

DevSecOps: Technical Strategy

This post is part of a series on DevSecOps and CI/CD security. Check out the overview for context and links to the rest of the series. This post focuses on DevSecOps technical strategy. A healthy ...

Touchpoint: SAST & Code Quality

This post is part of a series on DevSecOps and CI/CD security. Check out the overview for context and links to the rest of the series. This post explores using static application security testing ...

Touchpoint: Git Hooks

This post is part of a series on DevSecOps and CI/CD security. Check out the overview for context and links to the rest of the series. This post explores using Git hooks for DevSecOps: Git Hook...

Touchpoints: Security Testing

This post is part of a series on DevSecOps and CI/CD security. Check out the overview for context and links to the rest of the series. Testing is a core part of software development and CI/CD. Thi...

Touchpoints: Software Supply Chain

This post is part of a series on DevSecOps and CI/CD security. Check out the overview for context and links to the rest of the series. Modern software is made by writing some custom code and re-us...

Balancing Automated & Manual Defect Discovery

It’s a question as old as information security – how should organizations combine manual efforts with automation to identify risk most effectively? Tool-based automated security defect discovery ex...