
CI CD

Security in Go Modules and Vulnerabilities in GoCenter at GoSF Meetup in San Francisco

Deep Datta from the JFrog Community Team shares his learnings about Go 1.13 introducing important security features to Go Modules, including a checksumdb. He explains how this works and provides information on other tools in GoCenter that keep modules secure, including vulnerability scanning and JFrog Xray.

DevSecOps Best Practices with JFrog Xray

JFrog builds security products that enable organizations to trust their pipeline from development to deployment and production. In this webinar, you will learn how to leverage JFrog Xray to achieve radical transparency of the binary components in your data center. Understand the impact of these components on production system quality, performance, and architectural changes. We will also cover security topics such as circle of trust, security between locations, security replication, access tokens, and auditing.

Image scanning for CircleCI

In this blog post, we are going to cover how to perform container image scanning for CircleCI using Sysdig Secure. Image scanning allows DevOps teams to detect and resolve issues, like known vulnerabilities and incorrect configurations, directly in their CI/CD pipelines. Using Sysdig Secure, you can enforce image policies to block vulnerabilities before they reach production environments and fix them faster while the developer still has the context.

M. Loewinger, Smartbear: "Each product has a DevOps lead who manages Detectify and all its findings"

Detectify user story: Smartbear offers automated software testing solutions that help development and testing teams ensure quality throughout the software development lifecycle. Martin Loewinger, Director of SaaS Operators at Smartbear, and his team use Detectify to ensure security is a part of each product's CI/CD pipeline, so that they can help their end users with test automation and monitoring.

Black Duck SCA & Coverity Static Analysis (SAST) Integrations with Amazon AWS CI Tools | Synopsys

DevOps teams are rearchitecting their applications from monoliths to microservices, fueled by containerization and CI/CD. As application development moves to the cloud, security testing tools must follow. Application security testing solutions by Synopsys support the CI/CD tools you already use, including AWS Developer Tools. Coverity static analysis identifies security and quality issues in code as it is being built.

Customize Xray DevSecOps With Private Data

For some organizations, even the best isn’t quite enough. That’s why JFrog Xray provides a way for you to specify your own additional data, to detect even more sensitive issues in your binaries before they can reach production. JFrog Xray is a tool for DevSecOps teams to gain insight into the open source components used in their applications.

DevOps: 8 Reasons for DevOps to Use a Binary Repository Manager on the Cloud

Cloud DevOps tools offer greater flexibility, rapid deployment, cloud automation, reduced IT costs, and low upfront costs with subscription pricing. Setting up your environment with Artifactory on the cloud of your choice provides unlimited scalability, allowing you to grow according to your needs, and is easily achieved by using cloud storage providers (Amazon AWS, Google GCP or Microsoft Azure) in your environment with Artifactory.

Taking My DevOps To The Cloud: The Essential Guide to Selecting a Binary Repository Solution

Software businesses of every industry and all sizes, from small startups to large enterprises, are looking for ways to accelerate their software development process in the race to innovate and deliver their offerings to their customers ahead of their competition.

GoCenter Reveals Go Module Vulnerabilities With Xray

Golang developers care a lot about security, and as Go modules become more widely used, they need more ways to assure these publicly shared files are safe. One unique feature included with Golang version 1.13 is the foresight that went into authentication and security for Go modules. When a developer creates a new module or a new version of an existing module, a go.sum file included there creates a list of SHA-256 hashes that are unique to that module version.

JFrog Platform: An End-to-End Platform for Global DevOps

Today, we live in a very connected world, where our devices, homes and cars all communicate with each other, and every company with a product or service has the need to develop software. It is one of the primary mediums by which they strive to provide better products, services and solutions, and has become paramount to a company's success. To continuously improve their software, companies must have sound DevOps or DevSecOps practices in place.