Hot Topics

infrastructure as code

Cloudflare Akamai software, engineering, OWASP, organizations, appsec, AppSec Salt Security API security rise GitOps Finite State API APIs tokenization

Can GitOps Improve Application Security?

| | Application Security, AppSec, GitOps, infrastructure as code
GitOps is a set of practices for managing infrastructure and application deployment using Git version control systems. GitOps uses a Git repository as a single source of truth for declarative configuration of ...
Security Boulevard
supply chain data secure

Supply Chain Emerging as Cloud Security Threat

| | Cloud Security, Cloud-native, infrastructure as code, Secure Supply Chain, software supply chain
Misconfigurations in software development environments and poor security hygiene in the supply chain can impact cloud infrastructure and offer opportunities for malicious actors to control unwitting victims’ software development processes. These were ...
Security Boulevard

Secure What You Build and Where You Run It:  Say Hello to the Infrastructure as Code Pack for Nexus Lifecycle

| | infrastructure as code, News and Views, Product
What is the IaC Pack and Why Should You Care?  The Infrastructure as Code Pack is a new add-on to Nexus Lifecycle that enables developers to easily find and fix security vulnerabilities ...
Sonatype Blog

Why Sonatype is Acquiring MuseDev

| | Container Security, FEATURED, Full-Spectrum Software Supply Chain Management, infrastructure as code, MuseDev, News and Views, Nexus Lifecycle, Product
Ask any software developer, and they will tell you the truth about two things: Conventional code analysis and application security tools are overly noisy and generally not well integrated into the developer ...
Sonatype Blog
2021 Cybersecurity Predictions: Our Experts Weigh In

2021 Cybersecurity Predictions: Our Experts Weigh In

| | Blog, Cloud Software Development, Cloud-native, Cloud-Native Security, infrastructure as code, predictions
To say that 2020 was an unusual year would be an understatement. Business, government, healthcare, and education drastically changed with many organizations making massive digital transformations that were completely unplanned in many ...
Blog – Checkmarx

Open Source and Cloud Security Together at Last

| | FEATURED, infrastructure as code, News and Views, Nexus Lifecycle, Product
Today, we’re excited to announce a partnership with Fugue to bring cloud security and compliance into development work streams, helping your teams build, deploy, and manage secure applications in today's popular cloud-native ...
Sonatype Blog

Integrating Infrastructure as Code into a Continuous Delivery Pipeline

| | continuous delivery, DevSecOps, Infrastructure, infrastructure as code
We’re here to talk about integrating infrastructure as code into a continuous delivery pipeline. We’ll start by defining infrastructure as code then explain some of the problems it solves. Defining Infrastructure as ...
Sonatype Blog

Jobs As Code: Selecting the Best Tools and Deconstructing the CI/CD Pipeline

| | devops best practices, DevOps tools, infrastructure as code, jobs as code, News and Views, Post developers/devops
Who wants to mow the lawn with a pair of scissors? No one. Nothing compares to the ease of using the right tool for the job ...
Sonatype Blog