GitLab security scanning – part 3: Kubernetes deployments 05/16/22 by Sven Hertzberg In part 1 and part 2, we focused on different types of security scanning practices. In this article we will...
Keycloak.X, but secure – without vulnerable libraries 05/10/22 by Sebastian Rose and Thomas Darimont TLDR: How to reduce the known CVEs (common vulnerabilities and exposures) to zero by creating your own Keycloak distribution*. Introduction...
GitLab security scanning – part 2 04/19/22 by Sven Hertzberg … Containers … applications … licenses … In part 1 of the article series, we focused on static scanning of...
GitLab security scanning 03/14/22 by Sven Hertzberg Secure.Your.Code! …At all stages…Automatically…Always…Starting with the first line of your code… Today, the security scanning of code, containers and applications...
Overview of hardened container base images 08/10/21 by Christian Zunker How to choose the best container base image? What does “best” mean in this context? This blog post will not...
How mature is your DevOps? – Some thoughts on measuring progress 06/07/21 by Nicolas Byl How do you measure your progress towards DevSecOps? Is there some sort of maturity model or a required skill set for everyone involved?
Apache PLC4X, the missing link for industrial innovation 04/23/19 by Christofer Dutz After 16 months of incubation, the Apache PLC4X project is now an official top-level project of the Apache Software Foundation.
Compliance is not security 05/25/18 by Kevin Wennemuth Often daily business in companies starts with a fresh compliance audit. Everything seems to be measured, documented, regulated. It's secure. But is this a sufficient security strategy?