The latest News and Information on Continuous Integration and Development, and related technologies.
When security incidents happen, it’s crucial for software providers and users alike to take swift and effective action. In response to our recent security incident, we witnessed firsthand how an open and collaborative effort between our customers, technology partners, and engineering teams helped to contain the threat and mitigate risk of unauthorized access to customer systems.
If you're a DevOps team looking for ways to improve your performance, you've probably heard of the Accelerate and DORA metrics. Tracking your performance with these metrics is a challenge, requiring good tooling. You might be tempted to build your own tracking solution, but you don’t need to! Due to the growing popularity of DORA metrics, several tracker tools are available on the market. But how do you choose the best DORA metrics tracker for you? This handy comparison guide will help!
Well-designed secrets management is a delicate balancing act between security and usability. Secrets must be easily accessible to the right users when building and deploying, but they must also at the same time be well-secured and easy to rotate. This article will cover how to thread this needle by integrating CircleCI with HashiCorp Vault and retrieving secrets using short-lived OpenID Connect (OIDC) authentication tokens.
Welcome to the DevSecOps and CI/CD security guide. Browse through each section to discover various relevant resources to ensure security of your applications and infrastructure.
Welcome to 2023! The year of the Linux Desktop, the rise of AI, Software Bill of Materials (SBOM), DevOps is Dead, Platform Engineering is Alive, and a CNCF landscape that won’t be getting any simpler! Seriously, the technology and software sector is growing at a faster pace than any time I can ever recall. Where do we even begin? I hope you enjoy some predictions and trends that will become more and more evident in 2023.
