🔄 DevSecOps - moznotes

durrello/logsentry: Serverless log-scanning pipeline that detects secrets, credentials, and sensitive data in application logs. AWS Lambda + Kinesis + DynamoDB + SNS. Terraform IaC, CI/CD, DevSecOps.

🛠️Product Security Code

github.com··DEV

Automated Phased Hybrid PQC-TLS Migration via DevSecOps Pipeline

🛠️Product Security

eprint.iacr.org·

A "Shift-Left" Approach

💰Budget

dlnext.acm.org·

DockSec: Open-source AI-powered Docker security scanner

☁️Cloud Security

helpnetsecurity.com·

Is GitHub Actions Putting Your Software at Risk?

⛓️Blockchain Security

spin.atomicobject.com·

DockSec combines AI with open-source scanners to automate Docker remediation

🛠️Product Security

4sysops.com·

Reduce Memory Redesigns With Shift-Left

👥Engineering Management

semiengineering.com·

MOLOT System Card: Malicious Operational Logic Observation Transformer

🛠️Product Security Academic

arxiv.org·

GitLab on Google Cloud: Fully managed, compliant, and AI-ready

🖥️Self-hosted apps Blog

about.gitlab.com·

Poisoned Pipelines: Invisible Vulnerabilities Threatening CI/CD Security

☁️Cloud Security Blog

pearlsofwizdom.medium.com·

Path traversal flaw in AI dev platform Langflow exploited in attacks

🧠LLM Engineering News

bleepingcomputer.com·

We Cut Semgrep's Taint Analysis Time by 75%

⚡Systems Performance Blog

semgrep.dev··Hacker News

I dogfooded my code review tool on 67 of my own files. Now I need harsher feedback.

👨‍💻AI Coding Blog

indiehackers.com·

The Hidden Risks of AI-Written DevOps Pipelines

🛠️Product Security Blog

talent500.com·

Over 100 NPM, PyPI Packages Hit in New Shai-Hulud Supply Chain Attacks

🛡Cybersecurity

securityweek.com·

Building an AI Security Pipeline Agent: The Future of Autonomous DevSecOps

🛠️Product Security

meetcyber.net

SAST vs SCA: Key Differences for AppSec Teams

Agentic DevSecOps: AI Security Co-Pilots for Your CI/CD Pipeline

Making Semgrep rip: How Ripgrep inspired us to shave hours off (some) scans

From Gemini CLI to Antigravity CLI: Automated OWASP Security Compliance and Agentic Remediation in…

durrello/logsentry: Serverless log-scanning pipeline that detects secrets, credentials, and sensitive data in application logs. AWS Lambda + Kinesis + DynamoDB + SNS. Terraform IaC, CI/CD, DevSecOps.

Automated Phased Hybrid PQC-TLS Migration via DevSecOps Pipeline

A "Shift-Left" Approach

DockSec: Open-source AI-powered Docker security scanner

Is GitHub Actions Putting Your Software at Risk?

DockSec combines AI with open-source scanners to automate Docker remediation

Reduce Memory Redesigns With Shift-Left

MOLOT System Card: Malicious Operational Logic Observation Transformer

GitLab on Google Cloud: Fully managed, compliant, and AI-ready

Poisoned Pipelines: Invisible Vulnerabilities Threatening CI/CD Security

Path traversal flaw in AI dev platform Langflow exploited in attacks

We Cut Semgrep's Taint Analysis Time by 75%

I dogfooded my code review tool on 67 of my own files. Now I need harsher feedback.

The Hidden Risks of AI-Written DevOps Pipelines

Over 100 NPM, PyPI Packages Hit in New Shai-Hulud Supply Chain Attacks

Building an AI Security Pipeline Agent: The Future of Autonomous DevSecOps