CI/CD security Archives

CI/CD, GitOps, pipelines, Jenkins, kubernetes, kpack, buildpacks, CI/CD, Codefresh, Komodor, AI, clusters, kubernetes, generative AI Kubernetes Argo container security continuous SQL Server Windocks Tekton Kubeflow Red Hat CI/CD

Where DevOps Pipelines Break: Real Attack Paths in Cloud-Native CI/CD

While traditional security focuses on perimeters, modern attackers are moving upstream to the CI/CD pipeline. By compromising the build process rather than the final product, they can inject malicious code into trusted ...

Alex Vakulov | May 11, 2026 | Artifact Integrity, Build Server Vulnerabilities, CI/CD security, Dependency Poisoning, DevSecOps, Kubernetes security, Pipeline Hardening, Secret Management, SolarWinds Incident, Supply Chain Attacks

Docker, secrets, gitguardian Thycotic Kubernetes secrets

Flare Finds 10,000 Docker Hub Images Exposing Secrets

Researchers found thousands of Docker images exposing API keys and tokens, revealing how secrets sprawl, shadow IT, and poor hygiene fuel modern breaches ...

Jeff Burt | December 16, 2025 | API, CI/CD security, cloud computing, container images, credentials, developers and containers, docker hub, exposed secrets, Flare Systems, passwords, shadow IT

How AI and Python Can Transform Docker Security and Vulnerability Management

Automate Docker container security with Python. Use Trivy, Clair, and Dockle for CI/CD vulnerability scans and AI-based threat detection in DevSecOps ...

runtime, visibility, Chainguard, threat, cloud-native security, Venafi, security, sigstore, KubeCon, cloud-native, security, secure, Rubrik, Kubernetes, Cloud-Native Security Best Practices

Runtime Visibility & AI-powered Security in Cloud-Native Environments

Kubernetes and cloud-native platforms have transformed software delivery — but also redefined the attack surface. As threats shift to runtime, visibility and real-time response have become the new security frontline. AI-driven anomaly ...