Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Yonit Gruber-Hazani: Securing the Pipeline: Remediating CI/CD Vulnerabilities with SLSA | DevSecNext

Software supply chain attacks are on the rise, exploiting gaps in CI/CD pipelines to introduce malicious code. In this talk, Yonit Gruber-Hazani dives deep into common CI/CD vulnerabilities and how to mitigate them using the SLSA (Supply-chain Levels for Software Artifacts) framework. This talk was recorded at DevSecNext, a community-driven event reimagining how we share security insights—short, to the point, and packed with actionable takeaways.

Panel Discussion - The Evolving Threat Landscape: Risks in the Age of AI Disruption | DevSecNext

As AI reshapes industries, it also introduces a wave of emerging security risks—some known, others yet to be discovered. In this DevSecNext panel discussion, experts from engineering, cloud business, venture capital, and security innovation dive deep into the intersection of AI disruption and the evolving threat landscape.

Erik Zaadi - Platform Engineering to the Rescue: Making DevSecOps Work for Everyone | DevSecNext

How can organizations make DevSecOps accessible and effective for every team? Platform Engineering is the answer. In this talk, Erik explores how developer portals and golden paths help streamline security, automate remediation, and create scalable, secure development workflows without adding friction.

Inbar Raz - Living off Microsoft Copilot | DevSecNext

What happens when hackers weaponize Microsoft Copilot? In this eye-opening session, Inbar Raz takes a red-team-level deep dive into how attackers can abuse Copilot to exfiltrate data, bypass security controls, and even social engineer victims—automated by AI.

Announcing Jit's Customizable SAST Rulesets: Detect Security Issues Unique to Your Environment

We’re excited to announce Jit's Customizable SAST Rulesets, a powerful new feature that allows AppSec and DevOps teams to create and manage custom Semgrep rules tailored to their specific security needs. With Jit orchestrating Semgrep scans across the entire codebase and continuously analyzing every code change, teams can now ensure security gaps are identified and addressed before they reach production.

Automating DevSecOps with Sysdig and PagerDuty

Effectively responding to cloud security incidents can be daunting for organizations expanding rapidly in the cloud. Whether you face a policy violation or an active threat, quick and reliable alerting and response are essential to keeping cloud services secure and available. For many organizations, Sysdig and PagerDuty each play a critical role in automating DevSecOps and helping modern IT operations and security teams respond effectively.

Jit + Semgrep Code: Unifying Best-in-Class SAST with Complete Product Security

We’re excited to announce Jit’s integration with Semgrep Code, bringing best-of-breed static application security testing (SAST) into Jit’s complete product security platform. This integration makes it easier than ever for security teams to detect, unify, and prioritize code security vulnerabilities alongside other product security risks.

Jit + Google Cloud: Strengthening Cloud Security with CSPM and Google Chronicle Integration

We’re excited to announce our deepening partnership with Google Cloud, marked by two major milestones: Jit has received the “New Customer Acquisition” award from GCP Israel—recognizing our success in helping businesses enhance their cloud security on Google Cloud.

DevSecOps Automation Framework

Security is often seen as a roadblock in development, slowing releases and adding friction between teams. However, as software development cycles become faster and more complex, security must evolve from a blocker to an innovation driver. DevSecOps ensures security is a core part of the development workflow, and automation plays a crucial role in making this integration smooth and effective.

It's Time Developers Say Goodbye to Code Vulnerability Backlogs

Without the widespread developer adoption of security tools, it's extremely difficult to build secure applications in the cloud. Developers aren’t security experts, which is why development teams will leverage application security tools – like SAST, SCA, IaC Scanning, secrets detection, and other technologies – to scan their code and surface vulnerabilities. These tools are often resisted by developers.