Please turn on your JavaScript for this page to function normally.
software
How to make Infrastructure as Code secure by default

Infrastructure as Code (IaC) has become a widely adopted practice in modern DevOps, automating the management and provisioning of technology infrastructure through …

DevOps
Number of incidents affecting GitHub, Bitbucket, GitLab, and Jira continues to rise

Outages, human errors, cyberattacks, data breaches, ransomware, security vulnerabilities, and, as a result, data loss are the reality that DevSecOps teams have to face every …

Martin Reynolds
Maintaining human oversight in AI-enhanced software development

In this Help Net Security interview, Martin Reynolds, Field CTO at Harness, discusses how AI can enhance the security of software development and deployment. However, …

JetBrains
Users of JetBrains IDEs at risk of GitHub access token compromise (CVE-2024-37051)

JetBrains has fixed a critical vulnerability (CVE-2024-37051) that could expose users of its integrated development environments (IDEs) to GitHub access token compromise. …

Ken Gramley
How to combat alert fatigue in cybersecurity

In this Help Net Security interview, Ken Gramley, CEO at Stamus Networks, discusses the primary causes of alert fatigue in cybersecurity and DevOps environments. Alert fatigue …

git
Critical Git vulnerability allows RCE when cloning repositories with submodules (CVE-2024-32002)

New versions of Git are out, with fixes for five vulnerabilities, the most critical (CVE-2024-32002) of which can be used by attackers to remotely execute code during a …

certificates
How Google’s 90-day TLS certificate validity proposal will affect enterprises

Announced last year, Google’s proposal to reduce the lifespan of TLS (transport layer security) certificates from 13 months to 90 days could be implemented in the near future. …

software
Using cloud development environments to secure source code

In this Help Net Security video, Rob Whiteley, CEO at Coder, discusses the cloud development environment (CDE) technology landscape and its benefits. From the earliest stages …

TeamCity JetBrains
Critical vulnerabilities in TeamCity JetBrains fixed, release of technical details imminent, patch quickly! (CVE-2024-27198, CVE-2024-27199)

JetBrains has fixed two critical security vulnerabilities (CVE-2024-27198, CVE-2024-27199) affecting TeamCity On-Premises and is urging customers to patch them immediately. …

DevOps
Key areas that will define the intersection of AI and DevOps

Eficode research indicates that 96% of developers use AI tools, with most coders bypassing security policies to use them. With no standardized AI tool regulations, researchers …

Itamar Friedman
AI-driven DevOps: Revolutionizing software engineering practices

In this Help Net Security interview, Itamar Friedman, CEO of Codium AI, discusses the integration of AI into DevOps practices and its impact on software development processes, …

DevSecOps
How to make developers accept DevSecOps

According to a recent Dynatrace report, only 50% of CISOs believe that development teams have thoroughly tested the software for vulnerabilities before deploying it into the …

Don't miss

Cybersecurity news