DevSecOps Archives

OpenTofu, infrastructure IaC Kubernetes Leveraging Ephemeral Infrastructure Effectively

OpenTofu Project Adds OCI Registry to Share and Reuse Components

The OpenTofu project has released an update that adds support for a registry based on the Open Container Initiative specifications to make it simpler to share and reuse modules ...

Mike Vizard | July 1, 2025 | DevSecOps, IaC, oci

docksec, devsecops, NVIDIA NIM, developers, AI, GenAI, cloud native developers Torc Trend Micro Advances DevSecOps via Kubernetes

Why DockSec is the Security Layer Your Dockerfiles Were Missing

This article walks you through how DockSec works, what makes it different and why it matters for modern DevSecOps workflows. ...

Advait Patel | July 1, 2025 | containers, DevSecOps, docker, docker security, Dockerfiles, security

Kubernetes, practices, DevSecOps, JFrog, DevSecOps, Snyk Cerbos DevSecOps authorization incident Deepfence misconfigured Kubernetes security

DevSecOps for Kubernetes: 15 Best Practices for 2025

Some recommended best practices for securing applications in your Kubernetes environment, significantly enhancing their overall security. ...

Carey Bishop | May 20, 2025 | best practices, DevSecOps, kubernetes

Shauli Rozen on Kubescape Achieving CNCF Incubation

ARMO CEO Shauli Rozen explains why Kubescape, an open source agent for collecting security telemetry data in Kubernetes environments, has become an incubation level project within the Cloud Native Computing Foundation (CNCF) ...

Mike Vizard | April 1, 2025 | cncf, DevSecOps, incubation, Kubernetes security

scanning, cloudsmith, stateless ephemeral stateful security Kubernetes unikernel Sumo Logic

Cloudsmith Updates Container Registry to Streamline DevSecOps Workflows

Cloudsmith at the Kubecon + CloudNativeCon Europe 2025 conference today added real-time vulnerability scanning along with an ability to automate the signing for container images, as they are cached using the open-source ...

Mike Vizard | April 1, 2025 | container security, containers, DevSecOps

The Future of Workload Isolation with Emily Long

Edera CEO Emily Long, in the wake of the company picking up an additional $15 million in funding, explains why a new approach to isolating workloads is needed to better secure IT ...

Mike Vizard | March 11, 2025 | AI, cloud security, DevSecOps, Edera

Best of 2024: Revolutionizing Software Development With Cloud-Native DevSecOps

DevSecOps and cloud-native architectures provide robust tools for monitoring and managing cloud platform resources ...

Swetha Yalamanchili | December 26, 2024 | architecture, CI/CD, cloud native, DevSecOps, pipeline, security

JFrog Adds Runtime Platform to Secure Cloud-Native Apps Running on Kubernetes

JFrog today at its swampUP 2024 conference revealed it has added an ability to automate real-time DevSecOps workflows spanning source code to binaries deployed in Kubernetes environments ...

Mike Vizard | September 10, 2024 | DevSecOps, kubernetes, workflows

openlogic, software, survey, CNCF, cloud-native, kubernetes, application security report

Survey Surfaces Cloud-Native Application Security Challenges

A global survey of 600 DevOps, engineering and security professionals finds more than two-thirds (67%) reporting their organization has delayed or slowed application development as a result of security concerns. Conducted by ...

Mike Vizard | June 21, 2024 | application security, cloud-native apps, DevSecOps, kubernetes, survey, vulnerabilities