DZone.com Feed

Zero Trust in CI/CD Pipelines: A Practical DevSecOps Implementation Guide (Fri, 12 Dec 2025)
Securing modern CI/CD pipelines has become significantly more challenging as teams adopt cloud-native architectures and accelerate their release cycles. Attackers now target build systems, deployment workflows, and the open-source components organizations rely on every day. This tutorial provides a practical look at how Zero Trust principles can strengthen the entire software delivery process. It walks through real steps you can apply immediately using identity-based authentication, automated scanning, policy checks, and hardened Kubernetes deployments. The goal is simple: make sure that only trusted code, moving through a trusted pipeline, reaches production. As organizations continue transitioning to cloud-native applications and distributed systems, the CI/CD pipeline has become a critical part of the software supply chain. Unfortunately, this also makes it an increasingly attractive target for attackers. Compromising a build system or deployment workflow can lead to unauthorized code changes, credential theft, or even the silent insertion of malicious workloads into production.
>> Read More

ITBench, Part 3: IT Compliance Automation with GenAI CISO Assessment Agent (Fri, 12 Dec 2025)
Developed as part of IBM's ITBench framework, which we introduced in ITBench, Part 1: Next-Gen Benchmarking for IT Automation Evaluation, the Chief Information Security Officer (CISO) Compliance Assessment Agent (CAA) represents a pioneering methodology for automating cybersecurity compliance processes in modern IT environments. This AI-powered agent addresses the critical challenge of scaling security compliance operations in complex, rapidly evolving IT environments and technologies. Traditional compliance approaches that rely on dedicated security teams to manually identify weaknesses and assess compliance posture are no longer viable for modern organizations operating at scale. 
>> Read More

Secrets in Code: Understanding Secret Detection and Its Blind Spots (Fri, 12 Dec 2025)
In a world where attackers routinely scan public repositories for leaked credentials, secrets in source code represent a high-value target. But even with the growth of secret detection tools, many valid secrets still go unnoticed. It’s not because the secrets are hidden, but because the detection rules are too narrow or overcorrect in an attempt to avoid false positives. This creates a trade-off between wasting development time investigating false signals and risking a compromised account. This article highlights research that uncovered hundreds of valid secrets from various third-party services publicly leaked on GitHub. Responsible disclosure of the specific findings is important, but the broader learnings include which types of secrets are common, the patterns in their formatting that cause them to be missed, and how scanners work so that their failure points can be improved.
>> Read More

Synergizing Intelligence and Orchestration: Transforming Cloud Deployments with AI and Kubernetes (Fri, 12 Dec 2025)
Artificial Intelligence  Artificial Intelligence (AI) is reshaping the way today's cloud infrastructure is operated and deployed natively with Kubernetes. AI has become a major driver in helping global businesses streamline resources, scale workloads, and automate several activities. By incorporating AI with Kubernetes, cloud management advances to an entirely new level, enabling smarter decision making, automation, and complete optimization of resources. In this article, we describe how AI can support cloud platforms — especially those powered by Kubernetes — outlining the barriers to adoption and the concrete results achieved when these technologies are applied. As cloud computing matures, the demand for more efficient, scalable and automated cloud deployment continues to grow, pushing organizations to redefine their cloud environments. Kubernetes, the open-source container orchestration platform, has become fundamental for managing container-based applications in the cloud. AI is transforming how cloud resources are utilized, and Kubernetes provides an advanced platform for deploying containerized applications automatically. Together, they form a strong foundation for an ecosystem that fosters innovation, scalability and cost-effectiveness. This article discusses how the combination of AI and Kubernetes is streamlining cloud operations and enabling unprecedented levels of efficiency and creativity. 
>> Read More

DevOps Cafe Podcast

DevOps Cafe Ep 79 - Guests: Joseph Jacks and Ben Kehoe (Mon, 13 Aug 2018)
Triggered by Google Next 2018, John and Damon chat with Joseph Jacks (stealth startup) and Ben Kehoe (iRobot) about their public disagreements — and agreements — about Kubernetes and Serverless. 
>> Read More

DevOps Cafe Ep 78 - Guest: J. Paul Reed (Mon, 23 Jul 2018)
John and Damon chat with J.Paul Reed (Release Engineering Approaches) about the field of Systems Safety and Human Factors that studies why accidents happen and how to minimize the occurrence and impact. Show notes at http://devopscafe.org
>> Read More

DevOps Cafe Ep. 77 - Damon interviews John (Wed, 20 Jun 2018)
A new season of DevOps Cafe is here. The topic of this episode is "DevSecOps." Damon interviews John about what this term means, why it matters now, and the overall state of security.  Show notes at http://devopscafe.org
>> Read More