Pipeline Security and Supply Chain Risk: Closing the Gap Between AppSec and CloudSec
Why the assumption that CI/CD is a trusted internal tool has already cost organisations dearly
May 19, 2026 · 12 min read

Articles tagged with #ci-cd

I am learning about the basics of creating a blueprint for a secure CI/CD pipeline. Recently, I had the opportunity to implement secret scanning using git secrets and trufflehog, as well as integrate Snyk for dependency checks, all within GitHub Acti...
