DEV Community

# devsecops

Integrating security practices into the DevOps lifecycle.

Posts

👋 Sign in for the ability to sort posts by relevant, latest, or top.
Scan Any Public GitHub Repo for Security Issues in Seconds (No Account)

Scan Any Public GitHub Repo for Security Issues in Seconds (No Account)

Comments
3 min read
CI/CD Security Tools — The Complete Guide for Engineering Teams

CI/CD Security Tools — The Complete Guide for Engineering Teams

Comments
10 min read
Applying SAST to Infrastructure as Code: Unifying Cloud and Container Security with Trivy

Applying SAST to Infrastructure as Code: Unifying Cloud and Container Security with Trivy

1
Comments 1
4 min read
Shifting Mobile Security Left: Applying SAST to Android Apps with MobSF

Shifting Mobile Security Left: Applying SAST to Android Apps with MobSF

1
Comments 1
3 min read
Applying SAST Tools to Infrastructure as Code — A Hands-On Look at Checkov

Applying SAST Tools to Infrastructure as Code — A Hands-On Look at Checkov

Comments
4 min read
Applying SAST to Infrastructure as Code: Scanning Terraform with Checkov

Applying SAST to Infrastructure as Code: Scanning Terraform with Checkov

Comments 1
5 min read
Why Cursor Keeps Writing SSRF Into Your URL Fetch Code

Why Cursor Keeps Writing SSRF Into Your URL Fetch Code

Comments
3 min read
Your Phishing Simulation Score Is 99%. Here's Why That Worries Me.

Your Phishing Simulation Score Is 99%. Here's Why That Worries Me.

Comments
4 min read
Why evidence matters more than model memory in AI pentesting

Why evidence matters more than model memory in AI pentesting

Comments
1 min read
Autonomous pentesting against Active Directory, without the black box

Autonomous pentesting against Active Directory, without the black box

Comments
1 min read
Why Cursor Keeps Hashing Passwords With MD5 (And How to Fix It)

Why Cursor Keeps Hashing Passwords With MD5 (And How to Fix It)

Comments
2 min read
SOC 2 CC7.1: What Auditors Actually Ask For in Vulnerability Management

SOC 2 CC7.1: What Auditors Actually Ask For in Vulnerability Management

Comments
5 min read
Supply Chain Attacks verstehen: Praxisnahe Schutzstrategien fĂŒr moderne IT-Infrastrukturen

Supply Chain Attacks verstehen: Praxisnahe Schutzstrategien fĂŒr moderne IT-Infrastrukturen

Comments
6 min read
We called AVE "the CVE for AI agents." A Reddit commenter told us that was wrong. They were right

We called AVE "the CVE for AI agents." A Reddit commenter told us that was wrong. They were right

1
Comments
4 min read
Why Every CISO Needs an AIBOM in 2026 — And What Most Vendors Miss

Why Every CISO Needs an AIBOM in 2026 — And What Most Vendors Miss

1
Comments
9 min read
👋 Sign in for the ability to sort posts by relevant, latest, or top.