Archive for the ‘DevSecOps’ Category

You are invited to our webinar on Docker, where we will present the latest updates to the product.Docker’s solution today offers advanced container management and image protection, and includes several key components: 🎥 On October 21 we delivered a live webinar on Docker which included: 👉🏻 Watch here here (leave your details and then the recording will […]

We have been chosen to officially represent the solutions of Docker ,
and we now offer licensing, support, integration with complementary tools, managed services and more.

Overview of how Docker connects with git and GitLab, offering best practices for workflows optimized for today’s DevOps environments

Docker recently introduced a new service – Docker Hardened Images (DHI). These are container images that are secure by default, built specifically for modern production environments.

Docker is highly valuable for software developers and engineers, making common tasks more efficient and reliable in daily workflows.
In this article we summarize the main benefits of using Docker by software engineers.

Executive summary: Most breaches involving “secrets” are not zero‑days – they’re the result of static passwords left in configs, long‑lived cloud keys scattered across systems, or environment variables that get copied into logs and crash dumps. HashiCorp Vault changes that story by replacing secrets‑at‑rest with just‑in‑time delivery and dynamic credentials that expire quickly and can […]

On September 8, 2025, a massive npm supply chain attack compromised 18 foundational JavaScript packages, putting billions of applications at risk. This sophisticated incident began with a phishing campaign targeting a prominent package maintainer, Josh Junon, who was lured into providing his login and two-factor authentication (2FA) credentials on a fake npm website. Attackers then used this access to publish malicious updates containing […]

Read how Mattermost incident response solutions help teams manage cybersecurity incidents

We’ve recently organized the videos we have recorded over the years into a centralized “library” of VOD (Video On-Demand)

We hosted Socket.dev company to discuss different aspects of OSS Vulnerabilities and Malware Prevention

We hosted Infisical company to discuss different aspects of secrets management

We’ve recently organized the videos we have recorded over the years into a centralized “library” of VOD (Video On-Demand) .We arranged it by products, tags, language and recording date (at your convivence). Feel free to find what interests you the most and watch! >> The DevOps VOD library is available here Do you want to […]

Besides version control and CI/CD, GitLab also offers a variety of security tests on your proprietary code (code you develop) or external code you use (i.e. open source), as well as code compliance capabilities – to help you ensure that you make proper and legal use of any open source libraries and code snippets. In […]

As a company that deals a lot with GitLab and Kubernetes and helps many customers with these issues, We are often asked about the nature of the connection between GitLab and GitLab CI/CD and Kubernetes, and in particular OpenShift. From ongoing engagement on the subject, we have accumulated quite a bit of knowledge and decided […]

Initially written in January 2022. Last update: April 2023 I’m frequently asked what the differences are between SonarQube versions. From the questions it is clear that the licensing options are not so clear and quite confusing, so I decided to write down the essential points and help make things right. Legend: Core differences What’s in […]