Category: DevSecOps
-
DevSecOps Is Not About Installing Security Tools
—
by
If I joined a company today as a DevSecOps Engineer, the first thing I would not do is install more…
-
Your Threat Model Will Fail – And Here’s Why
—
by
There’s a quiet assumption baked into most security programs: “If we threat model well enough, we can predict and prevent…
-
SBOMs Are Not Enough: What Real Supply Chain Security Looks Like
—
by
Software supply chain security has become one of the most talked-about topics in modern engineering and for good reason. Attacks…
-
Rethinking Container Security: From Fragmented Practices to a Simple, Usable Flow
—
by
Containerization has transformed how we build and deploy software. With tools like Docker and Kubernetes, developers can move faster than…
-
From DevSecOps to MLSecOps: Securing the AI Development Lifecycle
—
by
In recent years, organisations have matured their software-development practices through models like DevSecOps integrating security (“Sec”) into the development (Dev)…