SDLC

Continuous integration and continuous delivery (CI/CD) pipelines are the foundation of any software organization that builds software in a "modern" way. Automation provides great power, but many developers overlook the responsibility that comes with it. Developer: Yeah, we take CI/CD security seriously and have strong control on code maintainers, review...

In software development we depend on both our own and third-party components or artifacts. Flexible dependency management is essential for modern software. Package managers like NPM, Maven, pip or NuGet are often used to specify software dependencies. These tools were designed with convenience and ease of use in mind, not security. The problem The problem...