ZDNet

CI build logs continue to expose company secrets

Security researchers are still finding secrets hidden deep inside continuous integration services, years after the issue become common knowledge. Continuous integration (CI) is a coding methodology ...
SecurityWeek

Build Application Firewalls Aim to Stop the Next Supply Chain Attack

Build Application Firewalls (BAFs) are emerging as a new defense against software supply chain attacks by inspecting ...
InfoQ

Pinterest Engineering Reduces Android CI Build Times by 36% with Runtime-Aware Sharding

Pinterest published a technical case study detailing how its engineering team cut Android end-to-end (E2E) continuous integration (CI) build times by more than 36 percent by adopting a runtime-aware ...

How To Build Security Into DevSecOps Without Delaying Compliance

In regulated industries, DevSecOps teams have to satisfy strict audit, traceability and documentation requirements that can turn security reviews into a drag on delivery.