Operations | Monitoring | ITSM | DevOps | Cloud

The latest News and Information on Continuous Integration and Development, and related technologies.

circleci

Automating machine learning security checks using CI/CD

Jun 13, 2025 By Najia Gul In CircleCI
Machine learning (ML) pipelines are increasingly being treated like software; built, tested, deployed, and monitored using automated tooling. But while infrastructure as code and microservices have matured with security best practices, ML systems often lag behind. The truth is, your ML pipeline is part of your software supply chain and it is vulnerable.
Read Post
circleci

Build an AI-powered Golang code review agent with CircleCI and GitHub webhooks

Jun 13, 2025 By Olususi Oluyemi In CircleCI
Code reviews are a crucial step in maintaining code quality, but many developers find them tedious and inconsistent. What if you could get helpful feedback automatically, as soon as a pull request is opened? In this tutorial, you’ll learn how to set up and integrate an AI-powered code review agent into your Go project. The agent uses the OpenAI API to post contextual suggestions and praise directly on pull requests.
Read Post

DevEx Unpacked 003 - Scaling Cloudsmith, Security Innovation & Developer DNA with Tom Gibson

Jun 12, 2025 By Cloudsmith In Cloudsmith
Episode 003: In this episode of DevEx Unpacked, Alan Carson sits down with Tom Gibson, Principal Engineer and long-time Cloudsmith team member, to trace his journey from early start-up to leading strategic innovation in the CTO’s office. Tom shares behind-the-scenes stories about engineering through scale, building continuous security scanning, and what it takes to evolve a developer-first platform.
View Video
circleci

Supercharge your iOS and MacOS development: CircleCI offers M4 Pro resources

Jun 12, 2025 By Varun Sethi In CircleCI
For developers building on iOS and macOS, building the most performant software means having access to the latest Mac resources to quickly build, test, and deploy software. Apple’s newest M4 Pro chip represents yet another significant leap in Apple Silicon performance, delivering unprecedented speed and efficiency for development teams.
Read Post
jfrog

Achieving Sovereign AI with the JFrog Platform and NVIDIA Enterprise AI Factory

Jun 11, 2025 By Paul Garden In JFrog
Sovereign AI ensures control over AI/ML data, models, and infrastructure, which is now essential for enterprises, regulated industries, and national interests. JFrog and NVIDIA have collaborated to deliver a secure, scalable solution for sovereign AI. NVIDIA provides the accelerated computing and AI software while JFrog ensures trusted DevSecOps and MLOps practices across the entire AI lifecycle, from model development and security scanning to deployment at the edge and in air-gapped environments.
Read Post

DevEx Unpacked 002 - DevRel, Donuts & Distributed Systems with Dan McKinney

Jun 11, 2025 By Cloudsmith In Cloudsmith
Episode 002: In this episode of DevEx Unpacked, Alan Carson sits down with Dan McKinney, one of Cloudsmith’s earliest team members and now Head of Solutions Engineering. Dan reflects on his unique journey from writing docs and filming DevRel videos to leading high-stakes enterprise sales. Discover how Cloudsmith scaled from a two-person start-up to a platform trusted by global enterprises, why software supply chain security is more urgent than ever, and what features make developers and security teams lean in.
View Video
cloudsmith

OWASP CI/CD Part 6: Insufficient Credential Hygiene

Jun 10, 2025 By Nigel Douglas In Cloudsmith
This post, part six of our OWASP CI/CD Top 10 series, looks at some of the common risks associated with Insufficient Credential Hygiene. By better understanding the flaws that affect credential hygiene, we can better understand how even the most sophisticated pipelines were compromised.
Read Post

DevEx Unpacked 001 - Scaling Secure Software with Alison Sickelka

Jun 10, 2025 By Cloudsmith In Cloudsmith
Episode 001: In this inaugural episode of DevEx Unpacked, host Alan Carson sits down with Alison Sickelka, VP of Product at Cloudsmith, for a deep dive into the evolution of software supply chain security. Alison shares her journey from journalism to product leadership, the unique talent landscape in Belfast, and how Cloudsmith is pioneering secure artifact management. Learn how Cloudsmith's Enterprise Policy Management is shaping compliance strategies, why SBOMs are crucial, and where AI fits in a secure DevOps future.
View Video
jfrog

Multi-Stage Malware Attack on PyPI: Malicious Package Threatens Chimera Sandbox Users

Jun 10, 2025 By Guy Korolevski In JFrog
Open-source package repositories like the Python Package Index (PyPI) play a crucial role in software development. However, these platforms are also potential targets for malicious actors attempting to exploit application software vulnerabilities. The JFrog Security Research team regularly monitors open source software repositories using advanced automated tools, in order to detect malicious packages.
Read Post
signoz

CI/CD Observability with OpenTelemetry - A Step by Step Guide

Jun 10, 2025 By Elizabeth Mathew In SigNoz
In the fast-paced world of CI/CD, understanding the performance and behaviour of your pipelines is crucial. GitHub Actions has become a popular choice for automating builds and deployments, but anyone who's debugged a flaky workflow or long-running job knows how challenging it can be to get visibility into what's happening under the hood. We usually rely on build logs, timing data, or guesswork when something goes wrong.
Read Post

Copyright © 2026 OpsMatters™. All rights reserved.