DEV Community

# devsecops

Integrating security practices into the DevOps lifecycle.

Posts

👋 Sign in for the ability to sort posts by relevant, latest, or top.
How I Built, Scanned, and Automated a Docker Pipeline
yaak profile

How I Built, Scanned, and Automated a Docker Pipeline

#docker #devsecops #github #devops
Comments
10 min read
Twelve Trust Boundaries: A Field Guide to Supply-Chain Defense After axios@1.14.1
ahmadkanj profile

Twelve Trust Boundaries: A Field Guide to Supply-Chain Defense After axios@1.14.1

#security #devsecops #githubactions #supplychain
Comments
28 min read
Twelve Trust Boundaries: A Field Guide to Supply-Chain Defense After axios@1.14.1
ahmadkanj profile

Twelve Trust Boundaries: A Field Guide to Supply-Chain Defense After axios@1.14.1

#security #devsecops #githubactions #supplychain
Comments
28 min read
Local Guardrails for Secrets Security in the Age of AI Coding Assistants
dwayne_mcdaniel profile

Local Guardrails for Secrets Security in the Age of AI Coding Assistants

#security #ai #devsecops #devops
Comments
8 min read
Twelve Trust Boundaries: A Field Guide to Supply-Chain Defense After axios@1.14.1
ahmadkanj profile

Twelve Trust Boundaries: A Field Guide to Supply-Chain Defense After axios@1.14.1

#security #devsecops #axios #supplychain
1
Comments
29 min read
Short-Lived Credentials in Agentic Systems: A Practical Trade-off Guide
dwayne_mcdaniel profile

Short-Lived Credentials in Agentic Systems: A Practical Trade-off Guide

#ai #security #devsecops #cybersecurity
1
Comments 1
11 min read
Best Snyk Alternatives in 2026: Which AppSec Tool Should You Choose?
alexcybersmith profile

Best Snyk Alternatives in 2026: Which AppSec Tool Should You Choose?

#snyk #appsec #cybersecurity #devsecops
2
Comments 1
12 min read
Inside WatchTower: 4-layer defacement detection in async Python
hi3ris profile
h13ris

Inside WatchTower: 4-layer defacement detection in async Python

#python #security #async #devsecops
Comments
8 min read
Vulnerability Remediation Prioritization — How to Handle Hundreds of CVEs Without Getting Overwhelmed
vulert_official profile
Vulert

Vulnerability Remediation Prioritization — How to Handle Hundreds of CVEs Without Getting Overwhelmed

#vulnerabilityremediation #cveprioritization #dependencysecurity #devsecops
Comments
8 min read
We rotated our JWKS without overlap. Here is the 4-minute window that broke prod.
bluehills profile

We rotated our JWKS without overlap. Here is the 4-minute window that broke prod.

#jwt #jwks #devsecops #sre
3
Comments
5 min read
The Rise of the Machine Identity
rushanksavant profile

The Rise of the Machine Identity

#ai #python #devsecops #rag
1
Comments
2 min read
Attackers Are Not Breaking In Anymore — They Are Logging In as Your Machines
karthiblip profile

Attackers Are Not Breaking In Anymore — They Are Logging In as Your Machines

#cloudsecurity #devsecops #iam
Comments
1 min read
🔐Enforcing image provenance in Kubernetes using Cosign + Sigstore + Kyverno
trottomv profile

🔐Enforcing image provenance in Kubernetes using Cosign + Sigstore + Kyverno

#security #devops #devsecops
Comments
2 min read
NemoClaw for the Enterprise: Installing NemoClaw and Bootstrapping the Sandbox (Part 2)
adnansattar profile

NemoClaw for the Enterprise: Installing NemoClaw and Bootstrapping the Sandbox (Part 2)

#devsecops #cybersecurity #nemoclaw #openshell
2
Comments
11 min read
Auth regression tests for CI: what to assert and why
bluehills profile

Auth regression tests for CI: what to assert and why

#cicd #devsecops #githubactions #testing
Comments
5 min read
👋 Sign in for the ability to sort posts by relevant, latest, or top.