Tagged articles
DevOps Operations Practice
Oct 8, 2023 · Information Security

Essential DevSecOps Tools for Securing CI/CD Pipelines

This article introduces five open‑source DevSecOps tools—Trivy, Gerrit, OWASP Dependency‑Check, Arachni, and Falco—that help integrate automated security checks into CI/CD pipelines, improve vulnerability detection, and ensure compliance throughout the software delivery process.

Arachni, DevSecOps, Falco
Programmer DD
Jan 1, 2022 · Information Security

How Maven’s New Vulnerability Highlight Helps Prevent Log4j‑Style Exploits

The article explains Maven Central's new "Vulnerabilities" column that highlights known CVEs for each dependency, discusses its relevance to recent Log4j2 risks, and shows how to use the OWASP Dependency‑Check Maven plugin to scan and report vulnerable Java libraries.

OWASP Dependency-Check, Software Security, Vulnerability Management