Software Integrity

Archive for the 'CI/CD' Category

 

Manage security risk in GitHub open source projects with CoPilot

CoPilot is a free, public-facing application that lets owners of open source projects on GitHub monitor the security risk associated with the components they use, as part of their Git Flow development process.


Posted in CI/CD, Open Source Security, Vulnerability Assessment

 

What is cloud-native container security?

Security technology is changing for the better as the container deployment model makes it easier to automate application security. This means that as more enterprises deploy containers to public and private clouds, they are able to incorporate security automation into their continuous integration and deployment (CI/CD) pipeline. Cloud-native container security is a term that describes […]


Posted in CI/CD, Cloud Security, Containers, DevOps

 

Scan nirvana: Hub Detect for all native build and CI tools

When you’re trying to secure and manage the open source code in your applications, the first step is to accurately discover all the open source in your systems. Simply put, if you don’t know which open source components you’re using, you can’t protect yourself from vulnerabilities in those components. That’s why Black Duck by Synopsys […]


Posted in CI/CD, DevOps, Open Source Security