DevSecOps

A collection of 71 posts

Why SAST + DAST can't be enough

Why SAST + DAST can't be enough

Static and dynamic app testing are cornerstones for any comprehensive AppSec program, yet they rarely rise up to the challenges of fully securing modern software. Discover why secrets are one of their critical blind spots.

Pulumi VS Terraform: The Definitive Guide to Choosing Your IaC Tool

Pulumi VS Terraform: The Definitive Guide to Choosing Your IaC Tool

Tiexin Guo Senior DevOps Consultant, Amazon Web Services Author | 4th Coffee In the cloud-native era, Infrastructure as Code (IaC; read more about it in this blog here) has become the de-facto standard for managing cloud infrastructure, and more. While Terraform has been around for