Merlin Sahasahamerlin.hashnode.dev·a day agoBuilding a Secure CI/CD Pipeline on Oracle Cloud with DevSecOps ToolsAutomated Secure CI/CD Pipeline for Oracle Cloud Infrastructure with DevSecOps Practices (Jenkins, OWASP Dependency Check, Trivy, SonarQube, VCN, Compartment, Security Group, Maven, GitHub, Docker, Docker Hub, ArgoCD, Kubernetes) Using Terraform, Ans...DiscussSecure CI/CD Pipeline
Sergio Medeirosgrumpz.net·May 17, 2024CVE-2024-34241: A Step-by-Step Discovery GuideIt was late at night, and I was starting to burn out from hunting bugs in a few bug bounty programs I am active on. I still had that hacker itch I wanted to scratch, so I decided to look at a few web applications to see if I could find any easy "0day...Discuss·105 readsMy Security ResearchBugs and Errors
Sanchit Singh Sandysanchitsandy.hashnode.dev·May 15, 2024DevSecOps Jenkins CI/CD Pipeline for a Node.js ApplicationOverview: This project focuses on setting up a Jenkins CI/CD pipeline for a Node.js application, emphasizing DevSecOps practices. The pipeline incorporates stages for code quality analysis using SonarQube, security checks with OWASP tools, and Docker...DiscussDevSecOps
NIHAL MOHAMAD ARIF PAPApapanihal360.hashnode.dev·May 15, 2024Project on🌐🛠️Automating To-Do-App Development and Deployment with DevSecOps CI/CD : Tutorial🚀Project on🌐🛠️Building DevSecOps CI/CD To Do App Project << In this project we will create our Node.js application using Jenkins, security using SonarQube,OWASP and image scanning using Trivy >> Tool we will need in this project is > 1.) AWS EC2 2.)...Discuss·1 likeDevops
Antony Mbubaambuba.hashnode.dev·May 15, 2024Cybersecurity and the State of the Modern Threat Landscape: A Deep Dive on CNAPPsIntroduction Over time, and as more organizations transition to the cloud, there is an imperative need to explore robust cloud security solutions to keep abreast with the ever-evolving security threat landscape. Further, according to a report by Gart...DiscussCloud-native Application Protection Platform (CNAPP) Market
Alvin Leealvinslee.hashnode.dev·May 13, 2024How You Can Use Logs to Feed SecurityIf your system is facing an imminent security threat — or worse, you’ve just suffered a breach — then logs are your go-to. If you’re a security engineer working closely with developers and the DevOps team, you already know that you depend on logs for...DiscussDevSecOps
Reza RashidiforDevSecOpsGuidesrezaduty-1685945445294.hashnode.dev·May 13, 2024Attacking Rust"Attacking Rust" delves into the intricacies of identifying and mitigating security vulnerabilities within Rust codebases. Despite Rust's reputation for strong memory safety and thread concurrency, no programming language is immune to potential explo...Discuss·359 readsRust
Kilokiloai.hashnode.dev·May 13, 2024Why Choose Karpenter Over Cluster Auto Scaler?What is Karpenter? Karpenter is an open-source, flexible, high-performance Kubernetes cluster autoscaler built with AWS. It helps improve your application availability and cluster efficiency by rapidly launching right-sized compute resources in respo...Discuss·183 readsKubernetes Devops
Esther Adwetsessadwets.hashnode.dev·May 11, 2024PicoCTF Scavenger Hunt WalkthroughThis is a straightforward guide to tackle the PicoCTF Scavenger Hunt. Get step-by-step solutions to challenges, decode flags, and boost your cybersecurity know-how. Perfect for all skill levels. Overview Points: 50 Category: Web Exploitation Descript...DiscussCTF Writeup
Rahul Kumarrahuldevops99.hashnode.dev·May 11, 2024🚀🔒Deploying Zomato Clone with DevSecOps End-to-End! 🛡️🌐Embark on an exhilarating journey as we engineer and deploy a Zomato Clone application, fortified with cutting-edge DevSecOps practices. Leveraging Terraform, Jenkins, SonarQube, OWASP, Trivy, and Docker, we're set to deliver a robust, secure, and sc...DiscussDevops