Search for a command to run...
Articles tagged with #devsecops
We've talked about how Continuous Integration and Continuous Delivery (CI/CD) tools can be a source of secrets sprawl. While it's not as insecure as leaving them laying around in a publicly accessible file, CI/CD pipelines can be exploited in a numbe...
Protecting sensitive data is a crucial responsibility for modern businesses. To ensure the security of critical information, organizations utilize various tools and strategies. One such tool is a secrets manager, which securely stores and manages sen...
Learn step-by-step techniques and best practices to handle secrets in Helm charts safely and effectively. Level up your Helm deployments today! Kubernetes (K8s), an open-source container orchestration system, has become the de-facto standard for run...
Let's start with a story: have you heard the news about CircleCI's breach? No, not the one where they accidentally leaked some customer credentials a few years back. This time, it's a bit more serious: It seems that some unauthorized individuals were...
In my previous tutorials, we looked at Azure Key Vault and Google Secret Manager: How to Handle Secrets with Azure Key Vault: In this piece, we had a look at the Zero Trust security strategy, how to put it into practice to secure applications and da...
By C.J. May Code review is an important part of the development process that can help to identify issues with the quality of the software. Secure code reviews are a specific type of code review that is specifically evaluating the security of the soft...
![Secure Code Review Best Practices [cheat sheet included]](/_next/image?url=https%3A%2F%2Fcdn.hashnode.com%2Fres%2Fhashnode%2Fimage%2Fupload%2Fv1690986430455%2Fcd267051-c76b-4ee6-8352-421f1cf4f6fa.jpeg&w=3840&q=75)