Tags: DevSecOps

ZAP Provides Automated Security Tests in Continuous Integration Pipelines

Commonly, a mixture of open source and expensive proprietary tools are shoehorned into a pipeline to perform tests on nightly as well as ad hoc builds. However, anyone who has used such tests soon realizes that the maturity of a smaller number of time-honored tests is sometimes much more valuable...
Read 0 Comments

'Shift Left': Codifying Intuition into Secure DevOps

Continuous delivery (CD) is becoming the cornerstone of modern software development, enabling organizations to ship — in small increments — new features and functionality to customers faster to meet market demands. CD is achieved by applying DevOps practices and principles (continuous integration...
Read 0 Comments

What is DevSecOps? Developing More Secure Applications

The simple premise of DevSecOps is that everyone in the software development life cycle is responsible for security, in essence bringing operations and development together with security functions. DevSecOps aims to embed security in every part of the development process. It is about trying to...
Read 0 Comments

7 Things to Know About the Changing Security Landscape

If you’re a hacker or a security company, chances are you’ve had a very good year. If you’re one of the enterprises that lost millions because of malware, then not so much. This year saw dozens of massive data breaches — and 2017 isn’t over yet. It also saw record investments in security startups,...
Read 0 Comments

Black Duck Launches New Container Security Solution

Black Duck announced the release of its OpsSight automatic open source vulnerability detection solution for containers at its Flight 2017 conference in Boston today. According to the company’s CEO Lou Shipley, OpsSight is Black Duck’s first product that targets the production phase of the software...
Read 0 Comments

But I Don't Know What a Container Is

What, then, is a container? Well, I come from a virtualization—hypervisor and virtual machine (VM)—background, and, in my mind, containers are both very much like and very much unlike VMs. I realize that this may not sound very helpful, but let me explain. How is a container like a VM? The main way...
Read 0 Comments


containers security
It's possible to run your containers with a temporary storage, or temporary volume mount, which can be useful from a security perspective. Learn more.

Secure Your Container Data With Ephemeral Docker Volumes

What with all the furor around containers and orchestrators, it can be easy to lose sight of some of their highly useful features. The portability and extensible nature of containers is a modern convenience to be cherished, but from my professional perspective it's sometimes all too easy to get...
Read 0 Comments

The DevSecOps Skills Gap

Few enterprise IT trends have evolved from buzzword to must-have as solidly as DevOps. Virtually everyone agrees that a software development and delivery process that bridges the traditional gap between dev teams and operations professionals is a good thing for the enterprise, an approach that is...
Read 0 Comments


containers security
Learn how to segregate your host's root user from the root user inside your containers with User Namespaces.

Hardening Docker Hosts with User Namespaces

Securing your Docker containers and the hosts upon which they run is key to sustaining reliable and available services. From my professional DevSecOps perspective, securing the containers and the orchestrators (e.g., OpenShift, Docker Swarm, and Kubernetes) is usually far from easy. This is...
Read 1 Comments

5 Current DevOps Trends MSPs Should Know

Staying competitive in the managed services business today means keeping on top of the latest DevOps trends and developments. Here's a look at how the DevOps world is evolving now. It's 2017, and Docker containers and continuous delivery are old news. More innovative developments are now shaping...
Read 0 Comments


Click Here!