DevOps Security Archives

The New Perimeter is Your Supply Chain

Alan Shimel | September 26, 2025 | CI/CD pipeline compromise, Cloud-Native Application Security, cloud-native perimeter security, CNAPP security, DevOps Security, SBOM security, Sigstore provenance, SLSA Framework, software supply chain attacks, supply chain risk management

Alan examines why the software supply chain has become the new perimeter in cloud-native security. From SBOMs to SLSA and Sigstore, discover how leaders can defend against attacks that target dependencies, pipelines ...

Security Boulevard

The Evolution of Security in Containerized Environments

TuxCare Team | May 31, 2024 | Challenges in Container Security, DEVOPS, DevOps Security, Guest Blogs, security in containerized environments

In recent years, containers have become a staple in modern IT infrastructures. They provide extreme flexibility and efficiency in deploying applications. Yet, as containerization has grown in popularity, so has the need ...

TuxCare

From DAST to dawn: why fuzzing is better solution | Code Intelligence

Natalia Kazankova | April 19, 2024 | API security, DevOps Security, Embedded/Automotive Security, Java Security, javascript-security

Security testing allows you to evaluate the robustness of applications and systems and identify potential weaknesses that attackers may exploit. DAST and fuzzing are two popular, important, and proven security testing methods ...

Code Intelligence Blog

Top 18 AI-Powered Software Testing Tools in 2023

Alexander Thiam | October 26, 2023 | AI, DevOps Security

The impact of AI tools on software development is starting to make itself felt. As the productivity of developers increases, so does the necessity for software testing. Luckily, AI is also seeing ...

Code Intelligence Blog

GitLab Security Patches: Safeguarding Your Data

Wajahat Raja | October 5, 2023 | code security, continuous-integration, Cyber Threats, Cybersecurity, Cybersecurity News, data integrity, DevOps Security, GitLab Security, GitLab Vulnerability, security best practices, security patches, software supply chain attacks, Vulnerability Management

GitLab recently released critical security upgrades in order to improve the security of its widely used open-source code repository and DevOps collaborative software development platform. These GitLab security patches are intended to ...

TuxCare

Aligning Cloudentity Components with XACML Terminology

Karmen Lei | March 17, 2022 | ABAC, API security, Cloud Security, DevOps Security, General, PBAC, XACML

Cloudentity is frequently asked how our components and features align with those of the legacy XACML (eXtensible Access Control Markup Language), including Policy Administration Points (PAP), Policy Decision Points (PDP), Policy Information ...

Blog - Cloudentity

Build a GraphQL client application to consume protected GraphQL API resources

Cloudentity | February 20, 2022 | API security, Cloud Identity Management, DevOps Security, General

This article is part 3 of our GraphQL application protection series. In this article, we will build a GraphQL client that is capable of invoking GraphQL API calls, obtain authorized access tokens ...

Blog - Cloudentity

Build and secure a GraphQL based application with Cloudentity authorization platform

Cloudentity | February 18, 2022 | API security, Cloud Identity Management, DevOps Security, General

This article is part 2 of our GraphQL application protection series. In this article, we will build a GraphQL API server and protect its resources with externalized policies administered in the Cloudentity ...

Blog - Cloudentity

Externalized Authorization for GraphQL

Cloudentity | February 15, 2022 | API security, Cloud Identity Management, DevOps Security, General

This article is the first part of a series to explore usage of the Cloudentity authorization platform for externalized GraphQL runtime authorization along with policy based access controls for GraphQL native constructs ...

Blog - Cloudentity

Identity and Authorization At Cloud Scale

Cloudentity | December 6, 2021 | API security, breaches, Cloud Identity Management, Cloud Security, Customer Experience, DevOps Security, General, iam, legislation, SBN News, Videos

Identity and Authorization at Cloud Scale Scalability has long been a thorn in the side of IAM limiting both the agility of the business and the capabilities of developers creating next-gen services ...

Blog - Cloudentity

DevOps Security

Senator Sanders Wants to Own AI Companies — and Hand America’s Adversaries the Keys

NIST’s Nine: The PQC Signature Race Moves to Round Three

The Quantum Arms Race: Why Washington Just Wrote a $2 Billion Check to Nine Companies

Beyond Moore’s Law: The Hyper-Acceleration of Autonomous AI Cyber Capabilities

The Exception Economy: When Security Teams Stop Protecting and Start Negotiating

GoPlus’s Latest Report Highlights How Blockchain Communities Are Leveraging Critical API Security Data To Mitigate Web3 Threats

C2A Security’s EVSec Risk Management and Automation Platform Gains Traction in Automotive Industry as Companies Seek to Efficiently Meet Regulatory Requirements

Zama Raises $73M in Series A Lead by Multicoin Capital and Protocol Labs to Commercialize Fully Homomorphic Encryption

RSM US Deploys Stellar Cyber Open XDR Platform to Secure Clients

ThreatHunter.ai Halts Hundreds of Attacks in the past 48 hours: Combating Ransomware and Nation-State Cyber Threats Head-On