Security news aggregator

Latest coverage for DevOps

Explore the latest in DevOps security practices, tools, and trends. Stay ahead on secure continuous integration & deployment with our expert insights.

10 headlines in this view

Refine the feed

Search across headline titles and summaries.

Tag briefing

Background for this topic.

DevOps combines software development and IT operations to speed up application delivery through automation, continuous integration, and collaboration. It emphasizes frequent code changes, rapid testing, and deployment pipelines that reduce manual steps and accelerate release cycles.

From a security perspective, DevOps expands the attack surface by increasing the number of automated tools, scripts, and APIs involved in deployment. Misconfigured pipelines or insecure code repositories can expose credentials or introduce vulnerabilities. Integrating security into DevOps—often called DevSecOps—means embedding automated security checks, such as static code analysis and dependency scanning, directly into the build process to catch issues early and prevent risky code from reaching production.

Volume over time

Weekly headline count for the current query.

Showing 10 most recent headlines Filtered view

Researchers Urge Organizations to Rotate Credentials and Review Audit LogsThreat actor 888 claims it stole Accenture source code and cloud credentials, prompting researchers to warn that any exposed Azure tokens, encryption keys or DevOps secrets could enable follow-on intrusions and downstream supply-chain attacks even as Accenture says operations remain unaffected.

Bank Info Security 6 months ago

Overcoming Machine Identity Overload

CyberArk and Accenture Experts Discuss Modernization, Identity Sprawl, Securing AIEnterprises are embracing modernization by adopting artificial intelligence tools, automation and DevOps-driven development in the cloud, but these new platforms have introduced an attack surface saturated with human and machine identities, said CyberArk's Barak Feldman and Accenture's Rex Thexton.

CyberArk and Accenture Experts Discuss Modernization, Identity Sprawl, Securing AIFinancial services organizations are accelerating modernization efforts by adopting artificial intelligence, automation and DevOps-driven cloud development, but these initiatives have dramatically expanded their attack surface. As banks and financial enterprises rely more heavily on non-human identities to power applications, integrations and AI-driven workflows, security leaders are struggling to manage the volume, velocity and variety of machine identities across cloud and on-premises environments, said Barak Feldman, senior vice president of solutions engineering at CyberArk, and Rex Thexton, senior managing director at Accenture.

Bank Info Security 6 months, 1 week ago

Overcoming Machine Identity Overload

CyberArk and Accenture Experts Discuss Modernization, Identity Sprawl, Securing AIEnterprises are embracing modernization by adopting artificial intelligence tools, automation and DevOps-driven development in the cloud, but these new platforms have introduced an attack surface saturated with human and machine identities, said CyberArk's Barak Feldman and Accenture's Rex Thexton.

Funds Will Support Next-Gen Security Orchestration and Response, Eliminate ComplexityWith $30 million in funding, Sola Security is launching an AI-driven, self-service SOAR platform designed for easy adoption across security, IT, and DevOps teams. The Israeli startup aims to disrupt traditional security automation by lowering technical barriers.

Merger Combines Application Protection and DevOps to Secure Software at ScaleHarness and Traceable are combining forces to create a DevSecOps platform that seamlessly integrates software delivery with security. The merger addresses the growing need for continuous security along with continuous delivery, ensuring applications remain protected from development to deployment.

Bank Info Security 1 year, 9 months ago

Should CIOs and CISOs Wear One Hat?

Essen Health Care's Hiren Dave Makes the Case for Integration of CIO-CISO RolesAs cloud computing, DevOps and automation continue to evolve, the lines between IT functions are fading, making security integral to these processes. Hiren Dave, CIO and CISO at Essen Health Care, shares how combining the roles of CIO and CISO improves risk management and communication.

$230 Million Acquisition of Qwak Enhances Model Deployment and Security FeaturesJFrog's acquisition of Qwak will integrate advanced MLOps capabilities into the company's existing DevSecOps platforms. The transaction aims to improve model deployment efficiency, enhance security measures and integrate AI development features for end-to-end offerings.

Bank Info Security 2 years, 2 months ago

GitLab Hackers Use 'Forgot Your Password' to Hijack Accounts

US CISA Orders Federal Agencies to Apply January PatchThe U.S. federal government's cybersecurity agency warned that hackers are exploiting a vulnerability in DevOps platform GitLab that was patched in January. The vulnerability allows hackers to use the "forgot your password" function to send a reset link to an attacker-controlled inbox.