DevOps

OpenFGA: The open-source engine redefining access control

access control, DevOps, Don't miss, GitHub, News, open source, software, Terraform /

OpenFGA: The open-source engine redefining access control 2025-10-22 at 15:13 By Sinisa Markovic OpenFGA is an open-source, high-performance, and flexible authorization engine inspired by Google’s Zanzibar system for relationship-based access control. It helps developers model and enforce fine-grained access control in their applications. At its core, OpenFGA enables teams to define who can do what […]

React to this headline:

Loading spinner

OpenFGA: The open-source engine redefining access control Read More »

Nodepass: Open-source TCP/UDP tunneling solution

cybersecurity, DevOps, Don't miss, GitHub, network monitoring, networking, News, open source, penetration testing, red team, software /

Nodepass: Open-source TCP/UDP tunneling solution 2025-10-20 at 13:18 By Sinisa Markovic When you think of network tunneling, “lightweight” and “enterprise-grade” rarely appear in the same sentence. NodePass, an open-source project, wants to change that. It’s a compact but powerful TCP/UDP tunneling solution built for DevOps teams and system administrators who need to manage complex network

React to this headline:

Loading spinner

Nodepass: Open-source TCP/UDP tunneling solution Read More »

Cyber defense cannot be democratized

Artificial Intelligence, attacks, cyber resilience, cybersecurity, DevOps, Don't miss, Expert analysis, Expert corner, Hot stuff, News, opinion, SkyHawk Security /

Cyber defense cannot be democratized 2025-09-08 at 08:14 By Help Net Security The democratization of AI has fundamentally lowered the barrier for threat actors, creating a bigger pool of people who can carry out sophisticated attacks. The so-called democratization of security, on the other hand, has resulted in chaos. The problem In an earnest attempt

React to this headline:

Loading spinner

Cyber defense cannot be democratized Read More »

Where security, DevOps, and data science finally meet on AI strategy

Artificial Intelligence, Densify, DevOps, Don't miss, Features, hardware, Kubernetes, News, opinion, strategy, tips /

Where security, DevOps, and data science finally meet on AI strategy 2025-08-28 at 08:34 By Mirko Zorz AI infrastructure is expensive, complex, and often caught between competing priorities. On one side, security teams want strong isolation and boundaries. On the other, engineers push for performance, density, and cost savings. With GPUs in short supply and

React to this headline:

Loading spinner

Where security, DevOps, and data science finally meet on AI strategy Read More »

DevOps in the cloud and what is putting your data at risk

cloud security, DevOps, Don't miss, GitProtect.io, News, SaaS, strategy, tips, Video /

DevOps in the cloud and what is putting your data at risk 2025-08-22 at 07:33 By Help Net Security In this Help Net Security video, Greg Bak, Head of Product Enablement at GitProtect, walks through some of the biggest security risks DevOps teams are dealing with. He covers how AI tools can introduce vulnerabilities, including

React to this headline:

Loading spinner

DevOps in the cloud and what is putting your data at risk Read More »

Rethinking AppSec: How DevOps, containers, and serverless are changing the rules

Application Security, automation, Bright, CISO, cybersecurity, DevOps, Don't miss, Features, Hot stuff, News, opinion, serverless, strategy, tips /

Rethinking AppSec: How DevOps, containers, and serverless are changing the rules 2025-05-07 at 08:32 By Mirko Zorz Application security is changing fast. In this Help Net Security interview, Loris Gutic, Global CISO at Bright, talks about what it takes to keep up. Gutic explains how DevOps, containers, and serverless tools are shaping security, and shares

React to this headline:

Loading spinner

Rethinking AppSec: How DevOps, containers, and serverless are changing the rules Read More »

Powerpipe: Open-source dashboards for DevOps

DevOps, Don't miss, GitHub, Hot stuff, News, open source, software /

Powerpipe: Open-source dashboards for DevOps 2024-11-12 at 07:03 By Help Net Security Powerpipe is an open-source solution designed to streamline DevOps management with powerful visualization and compliance tools, making it simple to track, assess, and act on key data for smarter decision-making and continuous compliance monitoring. Dynamic dashboards and reports Powerpipe’s high-level dashboards offer an

React to this headline:

Loading spinner

Powerpipe: Open-source dashboards for DevOps Read More »

How to make Infrastructure as Code secure by default

code, cybersecurity, DevOps, Don't miss, Expert analysis, Expert corner, Hot stuff, News, opinion, policy, remediation, security standard, StackGen, threat detection /

How to make Infrastructure as Code secure by default 2024-09-13 at 07:46 By Help Net Security Infrastructure as Code (IaC) has become a widely adopted practice in modern DevOps, automating the management and provisioning of technology infrastructure through machine-readable definition files. What can we to do make IaC secure by default? Security workflows for IaC

React to this headline:

Loading spinner

How to make Infrastructure as Code secure by default Read More »

Number of incidents affecting GitHub, Bitbucket, GitLab, and Jira continues to rise

cybersecurity, DevOps, DevSecOps, GitHub, GitLab, GitProtect.io, monitoring, News, penetration testing, Ransomware, report, social engineering, vulnerability management /

Number of incidents affecting GitHub, Bitbucket, GitLab, and Jira continues to rise 2024-08-07 at 06:01 By Help Net Security Outages, human errors, cyberattacks, data breaches, ransomware, security vulnerabilities, and, as a result, data loss are the reality that DevSecOps teams have to face every few days, according to GitProtect.io. DevSecOps The possibility to integrate security

React to this headline:

Loading spinner

Number of incidents affecting GitHub, Bitbucket, GitLab, and Jira continues to rise Read More »

Maintaining human oversight in AI-enhanced software development

Artificial Intelligence, automation, code, cybersecurity, DevOps, Don't miss, Features, generative AI, Harness, Hot stuff, News, opinion, software development /

Maintaining human oversight in AI-enhanced software development 2024-07-03 at 07:31 By Mirko Zorz In this Help Net Security, Martin Reynolds, Field CTO at Harness, discusses how AI can enhance the security of software development and deployment. However, increased reliance on AI-generated code introduces new risks, requiring human oversight and integrated security practices to ensure safe

React to this headline:

Loading spinner

Maintaining human oversight in AI-enhanced software development Read More »

Users of JetBrains IDEs at risk of GitHub access token compromise (CVE-2024-37051)

Android, CVE, DevOps, Don't miss, Hot stuff, Java, JetBrains, Kotlin, News, software development, vulnerability /

Users of JetBrains IDEs at risk of GitHub access token compromise (CVE-2024-37051) 2024-06-11 at 15:46 By Zeljka Zorz JetBrains has fixed a critical vulnerability (CVE-2024-37051) that could expose users of its integrated development environments (IDEs) to GitHub access token compromise. About CVE-2024-37051 JetBrains offers IDEs for various programming languages. CVE-2024-37051 is a vulnerability in the

React to this headline:

Loading spinner

Users of JetBrains IDEs at risk of GitHub access token compromise (CVE-2024-37051) Read More »

How to combat alert fatigue in cybersecurity

cybersecurity, DevOps, Don't miss, Features, framework, Hot stuff, News, opinion, Stamus Networks, strategy /

How to combat alert fatigue in cybersecurity 2024-05-28 at 07:31 By Mirko Zorz In this Help Net Security interview, Ken Gramley, CEO at Stamus Networks, discusses the primary causes of alert fatigue in cybersecurity and DevOps environments. Alert fatigue results from the overwhelming volume of event data generated by security tools, the prevalence of false

React to this headline:

Loading spinner

How to combat alert fatigue in cybersecurity Read More »

Critical Git vulnerability allows RCE when cloning repositories with submodules (CVE-2024-32002)

DevOps, Don't miss, Git, GitHub, Hot stuff, News, open source, security update, vulnerability /

Critical Git vulnerability allows RCE when cloning repositories with submodules (CVE-2024-32002) 2024-05-16 at 14:16 By Zeljka Zorz New versions of Git are out, with fixes for five vulnerabilities, the most critical (CVE-2024-32002) of which can be used by attackers to remotely execute code during a “clone” operation. About Git Git is a widely-popular distributed version

React to this headline:

Loading spinner

Critical Git vulnerability allows RCE when cloning repositories with submodules (CVE-2024-32002) Read More »

How Google’s 90-day TLS certificate validity proposal will affect enterprises

AppViewX, automation, certificates, cybersecurity, DevOps, Don't miss, Encryption, Expert analysis, Expert corner, Google, Hot stuff, News, opinion, policy, risk assessment /

How Google’s 90-day TLS certificate validity proposal will affect enterprises 2024-04-11 at 08:01 By Help Net Security Announced last year, Google’s proposal to reduce the lifespan of TLS (transport layer security) certificates from 13 months to 90 days could be implemented in the near future. It will certainly improve security and shrink the window of

React to this headline:

Loading spinner

How Google’s 90-day TLS certificate validity proposal will affect enterprises Read More »

Using cloud development environments to secure source code

Cloud, code, Coder, cybersecurity, DevOps, Don't miss, Hot stuff, programming, software development, Video /

Using cloud development environments to secure source code 2024-03-21 at 07:01 By Help Net Security In this Help Net Security video, Rob Whiteley, CEO at Coder, discusses the cloud development environment (CDE) technology landscape and its benefits. From the earliest stages of writing code to deploying finalized applications, CDEs are reimagining the developer experience, gaining

React to this headline:

Loading spinner

Using cloud development environments to secure source code Read More »

Critical vulnerabilities in TeamCity JetBrains fixed, release of technical details imminent, patch quickly! (CVE-2024-27198, CVE-2024-27199)

continuous integration, DevOps, Don't miss, Hot stuff, JetBrains, News, Rapid7, security update, software development, vulnerability /

Critical vulnerabilities in TeamCity JetBrains fixed, release of technical details imminent, patch quickly! (CVE-2024-27198, CVE-2024-27199) 2024-03-04 at 18:07 By Zeljka Zorz JetBrains has fixed two critical security vulnerabilities (CVE-2024-27198, CVE-2024-27199) affecting TeamCity On-Premises and is urging customers to patch them immediately. “Rapid7 originally identified and reported these vulnerabilities to us and has chosen to adhere

React to this headline:

Loading spinner

Critical vulnerabilities in TeamCity JetBrains fixed, release of technical details imminent, patch quickly! (CVE-2024-27198, CVE-2024-27199) Read More »

Key areas that will define the intersection of AI and DevOps

Artificial Intelligence, Compliance, cybersecurity, DevOps, Don't miss, Eficode, framework, generative AI, Hot stuff, policy, regulation, Video /

Key areas that will define the intersection of AI and DevOps 2024-03-01 at 07:33 By Help Net Security Eficode research indicates that 96% of developers use AI tools, with most coders bypassing security policies to use them. With no standardized AI tool regulations, researchers advocate for stronger governance frameworks and AI security policies in organizations’

React to this headline:

Loading spinner

Key areas that will define the intersection of AI and DevOps Read More »

AI-driven DevOps: Revolutionizing software engineering practices

Artificial Intelligence, Codium AI, Compliance, cybersecurity, DevOps, Don't miss, Features, Hot stuff, News, opinion, programming, skill development, software development /

AI-driven DevOps: Revolutionizing software engineering practices 2024-02-28 at 07:04 By Mirko Zorz In this Help Net Security interview, Itamar Friedman, CEO of Codium AI, discusses the integration of AI into DevOps practices and its impact on software development processes, particularly in automating code review, ensuring compliance, and improving efficiency. Despite the benefits, challenges in incorporating

React to this headline:

Loading spinner

AI-driven DevOps: Revolutionizing software engineering practices Read More »

How to make developers accept DevSecOps

CISO, code, DevOps, DevSecOps, Don't miss, Hot stuff, News, skill development, software development /

How to make developers accept DevSecOps 2024-01-31 at 07:05 By Helga Labus According to a recent Dynatrace report, only 50% of CISOs believe that development teams have thoroughly tested the software for vulnerabilities before deploying it into the production environment. This is a statistic that needs to change and the only way to change it

React to this headline:

Loading spinner

How to make developers accept DevSecOps Read More »

Self-managed GitLab installations should be patched again (CVE-2024-0402)

DevOps, Don't miss, GitLab, Hot stuff, News, security update, software development, vulnerability /

Self-managed GitLab installations should be patched again (CVE-2024-0402) 2024-01-30 at 14:02 By Zeljka Zorz Less than two weeks after having plugged a security hole that allows account takeover without user interaction, GitLab Inc. has patched a critical vulnerability (CVE-2024-0402) in GitLab CE/EE again and is urging users to update their installations immediately. GitLab Inc. operates

React to this headline:

Loading spinner

Self-managed GitLab installations should be patched again (CVE-2024-0402) Read More »

Scroll to Top