DevSecOps

OpenTofu Project Adds OCI Registry to Share and Reuse Components
The OpenTofu project has released an update that adds support for a registry based on the Open Container Initiative specifications to make it simpler to share and reuse modules ...

Why DockSec is the Security Layer Your Dockerfiles Were Missing
This article walks you through how DockSec works, what makes it different and why it matters for modern DevSecOps workflows. ...

DevSecOps for Kubernetes: 15 Best Practices for 2025
Some recommended best practices for securing applications in your Kubernetes environment, significantly enhancing their overall security. ...

Shauli Rozen on Kubescape Achieving CNCF Incubation
ARMO CEO Shauli Rozen explains why Kubescape, an open source agent for collecting security telemetry data in Kubernetes environments, has become an incubation level project within the Cloud Native Computing Foundation (CNCF) ...

Cloudsmith Updates Container Registry to Streamline DevSecOps Workflows
Cloudsmith at the Kubecon + CloudNativeCon Europe 2025 conference today added real-time vulnerability scanning along with an ability to automate the signing for container images, as they are cached using the open-source ...

The Future of Workload Isolation with Emily Long
Edera CEO Emily Long, in the wake of the company picking up an additional $15 million in funding, explains why a new approach to isolating workloads is needed to better secure IT ...

Best of 2024: Revolutionizing Software Development With Cloud-Native DevSecOps
DevSecOps and cloud-native architectures provide robust tools for monitoring and managing cloud platform resources ...

JFrog Adds Runtime Platform to Secure Cloud-Native Apps Running on Kubernetes
JFrog today at its swampUP 2024 conference revealed it has added an ability to automate real-time DevSecOps workflows spanning source code to binaries deployed in Kubernetes environments ...

Survey Surfaces Cloud-Native Application Security Challenges
A global survey of 600 DevOps, engineering and security professionals finds more than two-thirds (67%) reporting their organization has delayed or slowed application development as a result of security concerns. Conducted by ...

Red Hat Adds Developer Tools to Extend DevSecOps Reach
Red Hat added three new developer tools, expanding its DevSecOps portfolio for building secure cloud-native applications ...