Cryptojacking Campaign Targets DevOps Servers Including Nomad
Wiz finds new threat group running cryptojacking campaign via exploited and misconfigured DevOps assets
Explore the latest in DevOps security practices, tools, and trends. Stay ahead on secure continuous integration & deployment with our expert insights.
Search across headline titles and summaries.
Background for this topic.
DevOps combines software development and IT operations to speed up application delivery through automation, continuous integration, and collaboration. It emphasizes frequent code changes, rapid testing, and deployment pipelines that reduce manual steps and accelerate release cycles.
From a security perspective, DevOps expands the attack surface by increasing the number of automated tools, scripts, and APIs involved in deployment. Misconfigured pipelines or insecure code repositories can expose credentials or introduce vulnerabilities. Integrating security into DevOps—often called DevSecOps—means embedding automated security checks, such as static code analysis and dependency scanning, directly into the build process to catch issues early and prevent risky code from reaching production.
Wiz finds new threat group running cryptojacking campaign via exploited and misconfigured DevOps assets