#DevSecOps

@nitishagar.bsky.social

2 hours ago

The Zero-Code Security Team: Shifting Left with Prompt-Native AI Agents How a prompt-native multi-agent orchestrator shifts security feedback from post-push to pre-commit and why the architecture has almost no…

Finding vulnerabilities in CI is too late. You're already context-switching. 🛑

I wrote about a zero-code (just Markdown!) multi-agent architecture that moves security review to pre-commit.

#DevSecOps #AIagents #AppSec

Adversarial AI "validators" kill hallucinations before devs ever see them. 👇

Anchore

@anchore.com

12 hours ago

If your defense strategy relies on late-night triage sessions, it's time to build a better system. Anchore VP of Security, Josh Bressers explains why 2026 is the end of the "hero era": anchore.com/blog/no-crystal-ball-but...

#DevSecOps #SoftwareSupplyChain

Zidan Jaffar

@zidan-jaffar.bsky.social

18 hours ago

The best engineers I know don’t panic during outages.

They get quiet.
They trace.
They verify.
They isolate.

Calm is a technical skill.

#DevSecOps #buildinpublic #100DaysOfCode

Zidan Jaffar

@zidan-jaffar.bsky.social

18 hours ago

If changing one module forces you to update five others,
that’s not growth.

That’s coupling.

#DevSecOps #buildinpublic #100DaysOfCode

Anchore

@anchore.com

20 hours ago

False positives killing your team's productivity? 😵‍💫

Anchore Secure gives you signal, not noise 📡

https://anchore.com/platform/secure/

#SoftwareSupplyChain #SBOM #CyberSecurity #Compliance #DevSecOps

さるぼっと@IT最新動向を配信

@sarubot.bsky.social

22 hours ago

GitHubが日本国内でのデータレジデンシー対応を開始。金融・公共など規制の厳しい業界でも、コンプライアンスを担保しつつAI開発をフル活用可能に。

・国内データ保管でガバナンス完備
・Copilotの活用も可能
・ISMAP取得に向けた強固な基盤

#GitHub #DevSecOps

GuardingPearSoftware

@guardingpearsof.bsky.social

23 hours ago

The RSA Share Project Ever wondered how software stays secure? This article dives into the story of RSA Security and their "Share Project" from 2009. They gave developers free access to powerful encryption tools, aiming to build security right into software from the start.

Security is built-in, not bolted on! Explore the RSA Share Project's impact on democratizing crypto for devs & game studios. #DevSecOps

Read here: www.guardingpearsoftware.com/blog/the-rsa-share-proje...

roxsross

@roxsross.bsky.social

1 day ago

🤖 Encuesta: La codificación con IA agrava los problemas en los flujos de trabajo DevOps

El uso de herramientas de IA para codificar acelera los despliegues, pero más de la mit

devops.com/survey-ai-coding-exacerb...

#AIcoding #DevSecOps #CI_CD #RoxsRoss

ContextHound

@contexthound.com

1 day ago

ContextHound v1.8.0 - Runtime Guard API is here.
Wrap any OpenAI or Anthropic call and inspect the messages before they send:

100% offline. No data leaves your machine. Ever.

#LLMSecurity #PromptInjection #OpenSource #AIRisk #CyberSecurity #DevSecOps #GenAI

itpeoplenetwork_official

@itpn.bsky.social

1 day ago

ITPN delivers end-to-end trust—SBOM governance, zero-trust CI/CD, AI-driven threat modeling & quantum-ready defense. Future-proof your code before complexity becomes compromise.

itpeoplenetwork.com/application-...

#SecureDevelopment #CyberSecurity #DevSecOps #ZeroTrust #CloudSecurity

Thiard News@F4F

@newsen.bsky.social

1 day ago

Exploring the Future of Application Security: A $66 Billion Market by 2031 The Application Security Market is set to experience significant growth, projected to reach $66.03 billion by 2031, driven by increased security demands and technological advancements.

Exploring the Future of Application Security: A $66 Billion Market by 2031 #USA #Cybersecurity #Delray_Beach #Application_Security #DevSecOps

GitProtect.io

@gitprotect.bsky.social

1 day ago

How the Shared Responsibility Model Gap Makes You Lose Money Learn what the Shared Responsibility model gaps look like, why they cost real money, and how to bridge them.

Does your organization still rely on native SaaS data protection alone? A lot of teams do...

But there is a Shared Responsibility Model that they should take into account!

👉 Learn more: gitprotect.io/blog/shared-...

#backup #SaaS #DevOps #DevSecOps #GitProtect

thedailyperspective.org

@thedailyperspective.org

1 day ago

Layered Defence: NanoClaw Adopts Docker Sandboxes to Address AI Agent Security Crisis NanoClaw partners with Docker to add microVM isolation for AI agents. Two-layer defence responds to OpenClaw security vulnerabilities.

Layered Defence: NanoClaw Adopts Docker Sandboxes to Address AI Agent Security Crisis

#AISecure #Docker #DevSecOps #AusNews

thedailyperspective.org/article/2026-03-13-layer...

SCANOSS

@scanoss.bsky.social

1 day ago

Running SCANOSS in GitHub Actions: Automate Open Source Scanning in CI YouTube video by SCANOSS

New demo 🎥

Automate open source scanning in GitHub by running SCANOSS in a GitHub Actions workflow.

Set up the workflow, configure parameters, trigger scans, and review detection results — all inside your CI pipeline.

Watch → youtu.be/7qfOoXGj0aA

#SCANOSS #GitHubActions #DevSecOps

OpsMatters

@opsmatters.com

2 days ago

Aikido Aikido Security is an automated application security platform designed specifically for software engineering teams.

The latest update for #AikidoSecurity includes "How #SecurityTeams Fight Back Against AI-Powered Hackers" and "How does AI #Pentesting Work with #Compliance?".

#Cybersecurity #AppSec #DevSecOps https://opsmtrs.com/48vGyRP

CyberTaters

@potato.software

2 days ago

The latest update for #Veracode includes "#AI, #ApplicationSecurity, and the Illusion of Control" and "The 36% Surge in High-Risk Vulnerabilities: What It Means for Your Business".

#potatosecurity #softwaresecurity #AppSec #DevSecOps https://opsmtrs.com/3eO6tf7

OpsMatters

@opsmatters.com

2 days ago

Veracode Veracode’s powerful cloud-based platform, deep security expertise, and systematic, policy-based approach provide enterprises with a simpler and more scalable way to reduce application-layer risk across their global software infrastructures.

The latest update for #Veracode includes "#AI, #ApplicationSecurity, and the Illusion of Control" and "The 36% Surge in High-Risk Vulnerabilities: What It Means for Your Business".

#cybersecurity #softwaresecurity #AppSec #DevSecOps https://opsmtrs.com/3eO6tf7

Richard Fan

@richardfan.xyz

2 days ago

Actions OIDC tokens now support repository custom properties - GitHub Changelog GitHub Actions OpenID Connect (OIDC) tokens now support repository custom properties as claims. Additionally, a new settings page is available in public preview, making it easy to configure OIDC token...

This is a big one for cloud admins in big organizations!!!

No more hardcoded repo names in IAM role trust policy

Just tag the GitHub repos and use ABAC

#DevOps #DevSecOps #GitHub #CloudSecurity #IAM #OIDC

github.blog/changelog/20...

OpsMatters

@opsmatters.com

2 days ago

GitProtect GitProtect brings backup & DR for DevOps tools like GitHub, GitLab, Bitbucket, or Jira to help thousands organizations meet their compliance needs.

The latest update for #GitProtect includes "How the Shared Responsibility Model Gap Makes You Lose Money" and "Top 12 #DevOps Automation Tools".

#cybersecurity #Backup #DevSecOps https://opsmtrs.com/3TszuS2

Clive D (OSDE)

@osde8info.bsky.social

2 days ago

metro bank

sponsors

steampunk

steampunk

ansible london meetup @steampunk-explorer.com #devops #devsecops

Clyde D (FSSE)

@fsse8info.bsky.social

2 days ago

metro bank

freedom

pillars

ansible london meetup
#devops #devsecops

The Daily Tech Feed

@thedailytechfeed.com

2 days ago

UNC6426 exploits nx npm supply chain, achieving full AWS admin access in 72 hours. A stark reminder of the need for robust security in software development. #CyberSecurity #SupplyChainAttack #AWS #DevSecOps Link: thedailytechfeed.com/unc6426-expl...

ActiveState

@activestate.bsky.social

2 days ago

Curated Open Source Catalog Evaluation Checklist - ActiveState 2026 OSS checklist, covering security vetting, SBOM generation, SLSA compliance, supply chain transparency, and governance controls.

Evaluating a curated OSS catalog in 2026? 🛡️ Do not just check for CVEs.

Software supply chains are now moving at machine scale and your open source security needs to keep up.

Get the full 2026 Evaluation Checklist here:
🔗 buff.ly/BDhalCI

#AppSec #DevSecOps #OpenSource

John P. Mello Jr.

@jpmjr.bsky.social

2 days ago

OWASP adopts DockSec: What it is — and why it matters Security teams are plagued by information overload — the firehose of data pumped out by their security tools. Now, some relief is in sight...

OWASP just adopted DockSec to cut through container security noise and sharpen DevSecOps signal. See how this AI-powered analyzer helps teams ship safer software: jpmellojr.blogspot.com/2026/03/owas... #OWASP #DockSec #DevSecOps #ContainerSecurity #AppSec

The Daily Tech Feed

@thedailytechfeed.com

2 days ago

Alert: Malicious Rust crates and AI bot 'hackerbot-claw' are targeting CI/CD pipelines to steal developer secrets. Ensure your environments are secure! #CyberSecurity #DevSecOps #RustLang Link: thedailytechfeed.com/malicious-ru...

GitProtect.io

@gitprotect.bsky.social

3 days ago

Code security and data resilience in DevOps - Insights for 2026 AI is reshaping software development, but at the same time, it’s reshaping risk. As development cycles accelerate and AI coding assistants become mainstream, traditional approaches to code security an...

Discover best practices to ensure code security and data resilience in the DevOps ecosystem in our upcoming webinar!

📅 March 19th | 12 PM CET

Save your spot 👉 streamyard.com/watch/4Cxurc...

#DevOps #DevSecOps #backup #compliance

OpsMatters

@opsmatters.com

3 days ago

Veracode Veracode’s powerful cloud-based platform, deep security expertise, and systematic, policy-based approach provide enterprises with a simpler and more scalable way to reduce application-layer risk across their global software infrastructures.

The latest update for #Veracode includes "The 36% Surge in High-Risk Vulnerabilities: What It Means for Your Business" and "The Next Generation of #SAST Scanning".

#cybersecurity #softwaresecurity #AppSec #DevSecOps https://opsmtrs.com/3eO6tf7

Tom Smith

@ctsmithiii.bsky.social

3 days ago

F5 AI Remediate Closes the Gap Between Finding AI Vulnerabilities and Fixing Them Every security team knows the frustration. A vulnerability gets flagged. Someone has to understand it well enough to write a protection. That process can take hours if the issue is simple, days if it'...

How long does it take your team to go from flagging an AI vulnerability to deploying a fix?
For most enterprises: days. With F5 AI Remediate: under 60 minutes. Coverage from #F5AppWorld 2026.
coderlegion.com/12803/f5-ai-... #DevSecOps #AppSec #AISecurity

Grype

@grypeproject.bsky.social

3 days ago

Tomorrow! Get ready for our Anchore Open Source live stream at 12 PM PT. Dive into Syft, Grype, and more. Don't miss out! https://www.youtube.com/watch?v=yUbyeeWWWYU #DevSecOps

Anchore

@anchore.com

3 days ago

Anchore SBOM Score = CVSS + EPSS + KEV status 📊

Because not all vulnerabilities are created equal ⚠️

https://anchore.com/platform/sbom/

#SoftwareSupplyChain #SBOM #CyberSecurity #Compliance #DevSecOps