DEV Community

# devsecops

Integrating security practices into the DevOps lifecycle.

Posts

👋 Sign in for the ability to sort posts by relevant, latest, or top.
GitHub Organization Security Hardening: Exact Controls and Step-by-Step Setup Guide
mike_anderson_d01f52129fb profile

GitHub Organization Security Hardening: Exact Controls and Step-by-Step Setup Guide

#github #security #devsecops #supplychain
1
Comments
29 min read
We scanned 17,000 Claude Code skills. 39% run shell commands - only 4% say so up front.
skillock profile

We scanned 17,000 Claude Code skills. 39% run shell commands - only 4% say so up front.

#claude #devsecops #aisecurity #opensource
Comments
3 min read
3 Broken Auth Patterns Cursor Keeps Writing Into Your API
chandan_karn_fb750e731394 profile

3 Broken Auth Patterns Cursor Keeps Writing Into Your API

#security #webdev #ai #devsecops
Comments
3 min read
組織向け GitHub セキュリティ・ハードニング完全ガイド
mike_anderson_d01f52129fb profile

組織向け GitHub セキュリティ・ハードニング完全ガイド

#github #security #devsecops #supplychain
Comments
29 min read
End-to-End GitHub Security Hardening Guide for Organizations
mike_anderson_d01f52129fb profile

End-to-End GitHub Security Hardening Guide for Organizations

#github #security #devsecops #supplychain
Comments
44 min read
When Chain Analysis Fails: Three Boundaries You Cannot Cross
eldor_zufarov_1966 profile

When Chain Analysis Fails: Three Boundaries You Cannot Cross

#security #devsecops #programming #career
Comments
4 min read
The Gemini CLI CVSS 10 Attack: How a GitHub Issue Became a Supply Chain Weapon
toniantunovic profile

The Gemini CLI CVSS 10 Attack: How a GitHub Issue Became a Supply Chain Weapon

#security #promptinjection #supplychainsecurity #devsecops
Comments
6 min read
Anyone with GitHub issue access can steal your CI/CD secrets. Here's why.
agentshield profile

Anyone with GitHub issue access can steal your CI/CD secrets. Here's why.

#security #cicd #devsecops #promptinjection
Comments
6 min read
GitGuardian NHI Governance Now Gives More Comprehensive Visibility
dwayne_mcdaniel profile

GitGuardian NHI Governance Now Gives More Comprehensive Visibility

#nhi #security #devsecops #iam
Comments
6 min read
2,622 Valid Certificates Exposed: A Google-GitGuardian Study Maps Private Key Leaks to Real-World Risk
dwayne_mcdaniel profile

2,622 Valid Certificates Exposed: A Google-GitGuardian Study Maps Private Key Leaks to Real-World Risk

#security #tls #certificates #devsecops
1
Comments
5 min read
We benchmarked 24 SAST tools on ~700 real vulnerabilities. The 3 best known ones came last
muhammad_hasan profile

We benchmarked 24 SAST tools on ~700 real vulnerabilities. The 3 best known ones came last

#security #sast #devops #devsecops
Comments
1 min read
Embracing Zero Trust Security Architecture: A DevOps and AI Engineer's Perspective
naveenmalothu profile

Embracing Zero Trust Security Architecture: A DevOps and AI Engineer's Perspective

#security #devsecops #cloud
Comments
2 min read
Trivy's March Supply Chain Attack Shows Where Secret Exposure Hurts Most
dwayne_mcdaniel profile

Trivy's March Supply Chain Attack Shows Where Secret Exposure Hurts Most

#security #supplychain #devsecops #cicd
1
Comments 1
5 min read
Developers Are Now the Attack Surface
catatsuy profile

Developers Are Now the Attack Surface

#security #devsecops #opensource #cicd
Comments
10 min read
AI Security Scanning Tools in 2026: Snyk vs Semgrep vs OX Security — Real False-Positive Rates Tested
storm_son_b44db572b250b68 profile

AI Security Scanning Tools in 2026: Snyk vs Semgrep vs OX Security — Real False-Positive Rates Tested

#security #coding #devsecops #tools
Comments
5 min read
👋 Sign in for the ability to sort posts by relevant, latest, or top.