devsecops
Safeguard articles tagged "devsecops" — guides, analysis, and best practices for software supply chain and application security.
706 articles
Tekton Pipelines Hardening Guide
A practical hardening guide for Tekton Pipelines covering TaskRun isolation, step image provenance, workspace secrets, and the CVE history that shaped the current defaults.
Argo CD GitOps Security Guide
Securing Argo CD deployments with RBAC, SSO integration, secret management, and network policies for production Kubernetes clusters.
AWS SAM Template Security Considerations
SAM templates look simple and that is exactly the problem. The defaults are generous, the transforms are opaque, and the resulting stacks are often more privileged than anyone intended.
Earthly Reproducible Builds and Security
How Earthly's reproducible, containerized build system eliminates environment drift and strengthens build integrity for security-conscious teams.
Multi-Stage Docker Builds: The Security Implications Nobody Talks About
Multi-stage builds reduce image size, but they also introduce security considerations around build secrets, layer caching, and dependency leakage.
Compliance as Code: Implementation Guide for Security Teams
Compliance as code transforms audit requirements into automated checks. This guide covers frameworks, tooling, and practical implementation for security teams.
Secure Development Environment Setup: A Practical Guide
Setting up a secure development environment involves more than installing an IDE. From OS hardening to credential management, here is a comprehensive checklist for security-conscious teams.
Platform Engineering and Security: Building Guardrails, Not Gates
Platform engineering teams are becoming the stewards of developer experience. Here's how to make supply chain security a built-in capability, not a bolt-on burden.
IAST vs RASP: Runtime Protection Approaches Compared
Interactive Application Security Testing and Runtime Application Self-Protection both operate at runtime, but they serve different purposes. Here is how they compare and when to use each.
Building a Security Automation Playbook Library for Supply Chain Defense
Security automation playbooks codify response procedures into executable workflows. A well-designed playbook library turns supply chain incidents from fire drills into routine operations.
JFrog Artifactory Hardening Guide
Artifactory is the most common artifact repository in enterprise. It is also a default-permissive system where misconfigurations compound. A concrete hardening guide.
Travis CI Security Best Practices
Security hardening for Travis CI pipelines covering secret management, build isolation, and migration considerations for teams still on the platform.