Tag
ci-cd-pipeline
Safeguard articles tagged "ci-cd-pipeline" — guides, analysis, and best practices for software supply chain and application security.
3 articles
Industry Analysis
Exploring vulnerabilities in GitHub Actions workflows
From the tj-actions/changed-files hijack to PyTorch's self-hosted runner breach, real incidents show how GitHub Actions workflows keep getting exploited.
May 17, 20266 min read
DevSecOps
What is DevSecOps
DevSecOps embeds security into every pipeline stage instead of a final review — here's what it means, how it works, and why Equifax and Log4Shell made it mandatory.
Apr 6, 20264 min read
DevSecOps
What is a CI/CD Pipeline
A CI/CD pipeline automates code from commit to deployment—but SolarWinds, Codecov, and CircleCI show it's also a top supply-chain attack target.
Jan 25, 20266 min read