Thịnh Nguyễnsupplychainsecurity.sh·Jun 30, 2023DevSecOps the hard way: Part IThis is the first blog in a series to share my thought on how to build a DevSecOps culture in an organization Many businesses have started using DevOps/DevSecOps by adding many advanced tools, hoping they will improve security processes. But, the mai...12 likes·376 readsDevSecOps the hard wayDevSecOps
Soujanya AinforGitGuardiangitguardian.hashnode.dev·Apr 20, 2023Launching GitGuardian Honeytoken: your powerful ally to detect any breaches in the supply chain!Today, after months of hard work and discovery with security teams, we are excited to launch the new Honeytoken module to protect your software supply chain against attackers targeting Source Control Management (SCM) systems, Continuous Integration, ...30 readssoftware-supply-chain-security
Zohaib BashirforCloud Native Islamabadcloudnativeislamabad.hashnode.dev·Oct 9, 2022Understanding Docker Multi-Stage BuildThis blog is a sort of continuance of my previous blog which you can read here. There I covered the differences between virtualization and containerization, where to use them and how they are relevant in their ways. In this blog, I will talk about Do...208 readsKaniko
Dave Murrayblog.taranissoftware.com·Aug 21, 2022Secure your workflows with StepSecurity Harden RunnerIn my previous article, Secure your .NET builds with StepSecurity and GitHub Actions, I discussed software supply chain attacks and showed how to use StepSecurity Secure Workflows to improve the security of your GitHub Actions software supply chain. ...5 likes·234 readsGitHub Actionsgithub-actions
Dave Murrayblog.taranissoftware.com·Aug 7, 2022Secure your .NET builds with StepSecurity and GitHub ActionsSoftware supply chain attacks are increasing in severity and frequency. StepSecurity are working to help secure DevOps workflows using GitHub Actions. In this article I show how you can use StepSecurity's tools to improve the security of your workflo...10 likes·364 readsGitHub Actionsgithub-actions