CI/CD pipeline Archives

Cycode Discovers a Supply Chain Vulnerability in Bazel

Elad Pticha | February 1, 2024 | Application Security, Blog, CI/CD pipeline, software supply chain security

Executive Summary The Cycode Research Team discovered a software supply chain vulnerability in one of Google’s open source flagship products, Bazel. We found that a GitHub Actions workflow could have been injected ...

Cycode

CI/CD Pipeline Security: Best Practices Beyond Build and Deploy

Julie Peterson | January 25, 2024 | Application Security, Blog, CI/CD pipeline, software supply chain security

CI/CD Pipeline Security Given the demand for rapid innovation and the adoption of agile methodologies, Continuous Integration/Continuous Deployment (CI/CD) pipelines have become the foundation on which all DevOps processes are built. They ...

Cycode

How Secure Code Signing Aligns With The Principles of DevSecOps

Krupa Patil | January 3, 2024 | CI/CD pipeline, code signing, DEVOPS, DevSecOps, HIPAA, PCI DSS

Software supply chain attacks are seeing an unprecedented surge. According to the Sonatype State of the Software Supply Chain Report, twice as many incidents were recorded in 2023 as compared to the ...

Blogs Archive - AppViewX

Are Your Code Signing Processes Mature? A Guide to Navigating Your Code Signing Maturity Journey

Krupa Patil | December 12, 2023 | CI/CD pipeline, code signing, DEVOPS, hardware security module (HSM), private keys

On June 1, 2023, the Certificate Authority (CA)/Browser Forum’s new code signing baseline requirements came into effect, enforcing changes to the way organizations handle and protect code signing private keys. According to ...

Blogs Archive - AppViewX

High level workflow of integrating WAAP into CI/CD pipeline

The Role of WAAP Platforms in the CI/CD Pipeline

Phani Deepak Akella | May 8, 2023 | CI/CD pipeline, WAAP, Web Application and API Protection

A WAAP solution could play a critical role in CI/CD process. It helps protect apps and APIs from threats throughout the entire SDLC. The post The Role of WAAP Platforms in the ...

Indusface

cyberwar, cyber, SLA, cyberattack, retailers, Ai, applications, sysdig, attack, cisco, AI, AI-powered, attacks, attackers, security, BreachRx, Cisco, Nexus, security, challenges, attacks, cybersecurity, risks, industry, Cisco Talos hackers legitimate tools used in cyberattacks

Software Supply Chain Attacks: Clear and Present Danger

Eran Orzel | April 14, 2022 | CI/CD pipeline, DEVOPS, DevSecOps, security, software supply chain security, SolarWinds, Supply Chain Attacks, supply chain security

More than a year after the SolarWinds Sunburst attack and most companies are still exposed to software supply chain attacks. In a study conducted by Argon Security at Aqua Security, it was ...

Security Boulevard

CI/CD Pipeline – A Fuel to SDLC

Andres Montalban | March 11, 2022 | CI/CD pipeline, DEVOPS

What does your engineering team require to deliver bug-free code at a high velocity? It’s a fast and reliable CI/CD pipeline. CI CD Pipeline acts as oxygen in Software Development Lifecycle. It’s ...

PeoplActive

Illustrative Example of How to Set a Pipeline Job in Jenkins

CI/CD Pipeline – A Fuel to SDLC

Dariel Marlow19 MIN READ | March 11, 2022 | CI/CD pipeline, DEVOPS

The post CI/CD Pipeline – A Fuel to SDLC appeared first on PeoplActive ...

PeoplActive

Lessons in Securing Development Environments

Eran Orzel | May 12, 2021 | CI/CD pipeline, Development Security, Nissan, Supply Chain Attacks

The new world of software development is inherently collaborative — development teams are geographically dispersed and require easily accessible and automated tools to ship products and features quicker with confidence. The new ...

Security Boulevard

Everything You Need to Know About CI/CD and Security

Anastasios Arampatzis | January 4, 2021 | CI-CD, CI/CD pipeline, Coding, Development, risks

CI/CD is a recommended technique for DevOps teams and a best practice in agile methodology. CI/CD is a method for consistently delivering apps to clients by automating the app development phases. Continuous ...

The State of Security

CI/CD pipeline

Cycode Discovers a Supply Chain Vulnerability in Bazel

CI/CD Pipeline Security: Best Practices Beyond Build and Deploy

How Secure Code Signing Aligns With The Principles of DevSecOps

Are Your Code Signing Processes Mature? A Guide to Navigating Your Code Signing Maturity Journey

The Role of WAAP Platforms in the CI/CD Pipeline

Software Supply Chain Attacks: Clear and Present Danger

CI/CD Pipeline – A Fuel to SDLC

CI/CD Pipeline – A Fuel to SDLC

Lessons in Securing Development Environments

Everything You Need to Know About CI/CD and Security

Senator Sanders Wants to Own AI Companies — and Hand America’s Adversaries the Keys

NIST’s Nine: The PQC Signature Race Moves to Round Three

The Quantum Arms Race: Why Washington Just Wrote a $2 Billion Check to Nine Companies

Beyond Moore’s Law: The Hyper-Acceleration of Autonomous AI Cyber Capabilities

The Exception Economy: When Security Teams Stop Protecting and Start Negotiating

GoPlus’s Latest Report Highlights How Blockchain Communities Are Leveraging Critical API Security Data To Mitigate Web3 Threats

C2A Security’s EVSec Risk Management and Automation Platform Gains Traction in Automotive Industry as Companies Seek to Efficiently Meet Regulatory Requirements

Zama Raises $73M in Series A Lead by Multicoin Capital and Protocol Labs to Commercialize Fully Homomorphic Encryption

RSM US Deploys Stellar Cyber Open XDR Platform to Secure Clients

ThreatHunter.ai Halts Hundreds of Attacks in the past 48 hours: Combating Ransomware and Nation-State Cyber Threats Head-On