Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

code intelligence

How CI/CD-Integrated Fuzzing Improves Automotive Software Security

Feb 10, 2023 By Daniel Teuchert In Code Intelligence
As vehicles are becoming increasingly dependent on software, automotive software teams are adopting CI/CD (continuous integration and continuous deployment/delivery). This enables them to build, test, and deploy code faster than ever while simultaneously reducing potential maintenance costs. In automotive projects, functional and security bugs can be highly consequential, especially if they are found in the later stages of software development or, even worse, after shipping.
Read Post
gitguardian

How to Bake Security into your CI/CD Pipeline

Feb 1, 2023 By GitGuardian In GitGuardian
According to IBM Security's "The Cost of a Data Breach Report", the global cost of data breaches in 2022 increased by 2.6% compared to previous year, reaching $4.35 million. The source code of major companies like Nvidia, Microsoft, Uber, Slack, Toyota was leaked, often caused by usage of hardcoded secrets (you can see more details in the infographics below). In those cases, lateral movements were compromising software supply chain security. In their report Gartner claims about 45% of companies should expect to become targets of supply chain attacks by 2025.
Read Post

Securing your Jenkins CI/CD Container Pipeline with CrowdStrike

Dec 29, 2022 By CrowdStrike In CrowdStrike
In any software development cycle, it is best practice to catch issues as early as possible since it both improves security and decreases the workload for both developers and security. In order to do this, CrowdStrike offers solutions for developers at build time that allow them to assess their Docker container images and review summarized report data integrated with their favorite CI/CD tools like Jenkins.
View Video
CrowdStrike

Securing your Jenkins CI/CD Container Pipeline with CrowdStrike

Dec 28, 2022 By Jay Flora In CrowdStrike

In any software development cycle, it is best practice to catch issues as early as possible since it both improves security and decreases the workload for both developers and security. In order to do this, CrowdStrike offers solutions for developers at build time that allow them to assess their Docker container images and review summarized report data integrated with their favorite CI/CD tools like Jenkins.

Read Post

Customer Office Hours: CI/CD Best Practices

Dec 9, 2022 By Snyk In Snyk
Learn tips and tricks on how to implement, troubleshoot and scale deployments. For example, should you scan in the CICD or in SCM? What implementation methods should you use - plugin, npm, binary…? We will cover this and more. Host: Sebastian Roth, Senior Solutions Engineer Seb brings his expertise as a Principal Software Engineer & Team Lead for over 17 years into the DevSecOps community, where he now focuses on process improvements and shares best-practices to improve security posture.
View Video
mend

Mend SCA Action within Amazon CodeCatalyst Brings Additional Application Security to Developers

Dec 1, 2022 By Rami Sass In Mend

Announced today at AWS re:Invent, Amazon CodeCatalyst brings together everything software development teams need to plan, code, build, test and deploy applications on AWS into a streamlined, integrated experience.

Read Post

How to Migrate Snyk to the new Bitbucket Cloud App Integration

Nov 29, 2022 By Snyk In Snyk
Snyk has a new and improved Bitbucket Cloud App. The new Snyk Security for Bitbucket Cloud App features the same Bitbucket experience with a streamlined onboarding process and improved enterprise functionality. Here's how to migrate your existing Snyk as Bitbucket Cloud App (Legacy)—to the new Bitbucket Cloud App integration.
View Video
Snyk

How to use GitHub Actions environment variables

Nov 22, 2022 By Lewis Gavin In Snyk

To improve the efficiency of releasing working code into a production environment, implementing a continuous integration and continuous delivery (CI/CD) pipeline is a great practice. These pipelines automate the process of checking that a code change is ready for release and provides tools to automate the release to a production environment. One popular way to do this is to use your existing version control system.

Read Post

Copyright © 2026 OpsMatters™. All rights reserved.