Operations | Monitoring | ITSM | DevOps | Cloud

CircleCI

Zero trust security for CI/CD pipelines

The zero trust security model is an approach to network security that enforces strict access controls and authentication at every stage of the software development lifecycle. It treats every user, device, and transaction as a security risk and uses the principle of least privilege to restrict access to sensitive resources and minimize the potential attack surface.

A guide to static application security testing (SAST)

Static application security testing (SAST) involves analyzing source code to identify and address potential security vulnerabilities. Using SAST early in development identifies threats before they can affect a live environment. SAST is particularly important for continuous integration and continuous deployment (CI/CD) pipelines. These pipelines automate the integration of new code changes into the main codebase and deploy applications to production environments.

Setting up continuous integration with CircleCI and GitLab

CircleCI supports GitLab as a version control system (VCS). In this tutorial you will learn how to set up your first CircleCI CI/CD pipeline for a project hosted on GitLab. As GitLab can be used either as a SaaS tool, as well as self-managed on-premise installation, I will cover the steps to connect it with CircleCI for both.

Role-based credential management with OIDC

In our article on managing static credentials, we discussed the necessity of secrets — the passwords, tokens, and API keys that connect digital services together — and the importance of keeping them secure so that your infrastructure and data are kept safe from intrusion and misuse. For organizations delivering software at scale, managing credentials across multiple teams and projects can quickly become tedious and error-prone, creating bottlenecks and unnecessary risk.

Platform Engineering: The Key to Successful Digital Transformation for the Enterprise

Explore how Platform Engineering can transform your enterprise and empower individual teams to work and ship independently, while maintaining compliance and governance requirements, through a centralised system. Discover: How CircleCI can help make platform engineering an integral part of their internal development platform. How to easily centralise essential components such as development processes, testing, infrastructure provisioning, project management, and observability. How platform teams operate in large organisations.

Static credential management for platform engineers

Cloud CI/CD is a force multiplier for development teams, especially those working remotely. Automated CI/CD takes load off of developers, allowing them to focus on building better products. Hosted CI/CD adds further benefit to this, ensuring that this newfound capacity isn’t spent managing the testing and deployment infrastructure, and that remote team members have easy access to CI/CD tools.

DevOps is dead? Nope, it is maturing ft. Jesse Robbins of Heavybit

In this episode, Rob sits down with the DevOps “party starter” himself, Jesse Robbins, to discuss the current state of software delivery. Is DevOps really dead, or are we simply witnessing a maturing model as organizations grow and evolve? Tune it to hear Jesse’s valuable take on where he sees the industry moving and the potential complexities on the horizon.