Devsecops

What's the Deal with Shift-Left Security, and Why Should You Care?

What's the Deal with Shift-Left Security, and Why Should You Care?

Let's be honest: in today's software world, security can't be an afterthought. If you're still waiting until the end of your development cycle to think about vulnerabilities, you're doing it wrong. Th

#Shift Left Security #SAST #DAST +7 tags
read more
Container Image Signing with Cosign: A Hands-On Guide to Secure Your Supply Chain

Container Image Signing with Cosign: A Hands-On Guide to Secure Your Supply Chain

In today's fast-paced software world, we all rely on container images to package and run our apps. They're super consistent and efficient, which is great! But this ease also brings new security headac

#Cosign #Sigstore #Container Signing +4 tags
read more
The Democratization of Container Security: Docker Hardened Images

The Democratization of Container Security: Docker Hardened Images

On December 17, 2025, the world of container security changed in a big way. Docker decided to open up its entire catalog of over 1,000 Docker Hardened Images (DHI) to everyone under the Apache 2.0 lic

#Docker Hardened Images #Distroless #SBOM +5 tags
read more
Compliance as Code: Making Security Easier with Terraform and InSpec

Compliance as Code: Making Security Easier with Terraform and InSpec

Hey, so you know how keeping our tech stuff secure and following all the rules can be a real headache these days? With everything moving to the cloud and so many regulations popping up, it's tough to

#Compliance #NIST #ISO 27001 +7 tags
read more