Blog | ReversingLabs | Dev & DevSecOps (7)

Dev & DevSecOps (7)

November 21, 2022

4 ways GitOps can help secure your software pipeline

GitOps can help control configuration drift and enable your infrastructure security to shift left, for starters. Here are four ways it can enable better software security.

November 16, 2022

Track this: Apple, Google hit with BIG privacy law claims

Google has lost a long standing privacy case. And now Apple faces a big ol’ privacy class action. In this week’s Secure Software Blogwatch, we navigate the minefield.

November 9, 2022

Dropbox reveals hack: What DevOps can learn from it

Dropbox was recently hacked. So what can your DevOps team learn from it? For one, not all MFA schemes are created equal.

November 2, 2022

Reflection attacks: Don’t be part of the problem

Once again, Microsoft shows devs what NOT to do.

October 31, 2022

National Cyber Director: Higher bar for software supply chain security is key to cyber resilience

National Cyber Director Chris Inglis said the government is setting a new bar for supply chain security as the focus shifts from response to resilience.

October 27, 2022

OWASP at a crossroads: Founder Mark Curphey's call for relevance in the age of DevSecOps

After two decades of raising awareness about the big problems in application security, the Open Web Application Security Project (OWASP) stands at a crossroads. Founder Mark Curphey outlines his manifesto for modernization.

October 26, 2022

Google pairs GUAC with SLSA to take a bite out of software supply chain insecurity

Are you ready to dip into this tasty repo for better software security?

October 19, 2022

Devs: Don’t rely on GitHub Copilot — legal risk gets real

GitHub’s Copilot ML code-completion engine is violating copyright wholesale, say high-profile open source advocates.

October 12, 2022

DevOps lesson from Toyota FAIL: Crash test secrets

Do: Detect daft devs defying doctrine — Toyota stored prod database credentials in GitHub for five years

October 11, 2022

Packagist PHP repo supply chain attack: 3 key takeaways

A PHP repository vulnerability threatened millions of sites. Here's why you need to make an SBOM the first step in your software supply chain security journey.

October 5, 2022

Memory-safe #RustLang shines with its day in the sun

Don’t miss out on the new hotness (or on Linus’s rant). Have you woken up to the memory-safe language?

September 29, 2022

The Week in Security: Bill tasks CISA Director with responsibility for open source software security

This week: A new bill tasks the CISA Director with tackling open source software security, a leaked LockBit builder is being used by a new ransomware gang, and more.

Software Supply Chain Security

File Security

Security Operations

Products

Technology

Industry

Partners

Alliances

Resources

Company

Events

Press

Dev & DevSecOps (7)

4 ways GitOps can help secure your software pipeline

Track this: Apple, Google hit with BIG privacy law claims

Dropbox reveals hack: What DevOps can learn from it

Reflection attacks: Don’t be part of the problem

National Cyber Director: Higher bar for software supply chain security is key to cyber resilience

OWASP at a crossroads: Founder Mark Curphey's call for relevance in the age of DevSecOps

Google pairs GUAC with SLSA to take a bite out of software supply chain insecurity

Devs: Don’t rely on GitHub Copilot — legal risk gets real

DevOps lesson from Toyota FAIL: Crash test secrets

Packagist PHP repo supply chain attack: 3 key takeaways

Memory-safe #RustLang shines with its day in the sun

The Week in Security: Bill tasks CISA Director with responsibility for open source software security

Topics

Special Reports

The 2025 Software Supply Chain Security Report

Upcoming Webinars

ConversingLabs

Dev & DevSecOps (7)

Topics

Follow us

Subscribe

Special Reports