DevSecOps and automated security

Need to deliver code quickly without compromising security? Get independent, expert information on DevSecOps approaches, including shift left and other ways to build security into the SDLC. Read about automated security testing tools and security testing best practices in software development.

September 08, 2020 08 Sep'20
Progress Software battles legacy rep amid Chef Software buy

Progress Software, a 40-year-old tech company, will mix Chef products into its portfolio of acquisitions, as both seek to keep up with rapid changes in IT automation.
July 28, 2020 28 Jul'20
Snyk shows developers top-priority vulnerabilities

Snyk's new prioritization capabilities help developers decide which security vulnerabilities to address first in order to shore up enterprise systems.
June 12, 2020 12 Jun'20
GitLab makes two acquisitions to shift fuzz testing left

GitLab has scooped up fuzz testing startups Fuzzit and Peach Tech, a move that will shift fuzz testing left in the DevSecOps toolchain.
February 28, 2020 28 Feb'20
Rapid7 adds Snyk security to its portfolio

The Snyk security vulnerability database brings an extra layer of protection to Rapid7 by helping developers find and fix vulnerabilities early in the software development process.

Bring yourself up to speed with our introductory content

5 DevSecOps best practices to prioritize

Successful DevSecOps isn't just about secure code -- it's securing the flows of data through code, methods and tools. Review these five security tips to button up your DevOps work. Continue Reading
Automate security testing and scans for DevSecOps success

Attackers are knocking at your door. Don't waste time with repetitive, automatable security tasks. Here's how DevSecOps enables code analysis, security testing and more. Continue Reading
How to set up a chaos engineering game day

Is it fun to spend the day breaking stuff in a war room with your coworkers? Of course, but more than that, it's vital to the security and stability of certain applications. Continue Reading

Weigh the pros and cons of technologies, products and projects you are considering.

Sonatype Nexus vs. JFrog: Pick an open source security scanner

Chances are your organization relies on open source code. But how do you manage code vulnerabilities? Find a product best suited for your needs in this Sonatype Nexus vs. JFrog comparison. Continue Reading
What's in store for software development trends in 2020?

New year, new IT priorities. While not all initiatives stick, these development and testing trends will shape how teams create, evaluate and deploy software. Get ahead of the curve. Continue Reading
DevSecOps puts software development and security on equal footing

With DevSecOps, organizations spread out security responsibilities to ops and devs. Here's how programmers can expect their roles to change and why it's not such a bad thing. Continue Reading

Learn to apply best practices and optimize your operations.

7 SOC automation use cases to augment security operations

Implementing SOC automation can have far-reaching benefits for an organization's infosec program and security culture. Learn how by exploring these seven use cases of AI in SOCs. Continue Reading
How to shift from DevOps to DevSecOps

A successful DevSecOps rollout requires software developers to be equipped with the proper security skills and tools. Learn how to transition smoothly from DevOps to DevSecOps. Continue Reading
How to use TODO comments for secure software development

Don't let security be a software development burden. Learn app developer tricks, such as using TODO comments, to ensure security controls make it from development to production. Continue Reading

We’ve gathered up expert advice and tips from professionals like you so that the answers you need are always available.

3 steps to secure codebase updates, prevent vulnerabilities

Codebase updates are critical, but what about when they introduce vulnerabilities? These three steps will help app developers secure codebase updates and keep their apps safe. Continue Reading
How to patch your open source software vulnerabilities

No matter how big your software vulnerabilities backlog has grown, here's how you can tackle it, and get on the path to continuous security monitoring. Continue Reading
5 application security threats and how to prevent them

The most widely known application security threats are sometimes the most common exploits. Here is a list of the top app threats and their appropriate security responses. Continue Reading