Operations | Monitoring | ITSM | DevOps | Cloud

May 2023

A guide to static application security testing (SAST)

Static application security testing (SAST) involves analyzing source code to identify and address potential security vulnerabilities. Using SAST early in development identifies threats before they can affect a live environment. SAST is particularly important for continuous integration and continuous deployment (CI/CD) pipelines. These pipelines automate the integration of new code changes into the main codebase and deploy applications to production environments.

Setting up continuous integration with CircleCI and GitLab

CircleCI supports GitLab as a version control system (VCS). In this tutorial you will learn how to set up your first CircleCI CI/CD pipeline for a project hosted on GitLab. As GitLab can be used either as a SaaS tool, as well as self-managed on-premise installation, I will cover the steps to connect it with CircleCI for both.

Role-based credential management with OIDC

In our article on managing static credentials, we discussed the necessity of secrets — the passwords, tokens, and API keys that connect digital services together — and the importance of keeping them secure so that your infrastructure and data are kept safe from intrusion and misuse. For organizations delivering software at scale, managing credentials across multiple teams and projects can quickly become tedious and error-prone, creating bottlenecks and unnecessary risk.

Platform Engineering: The Key to Successful Digital Transformation for the Enterprise

Explore how Platform Engineering can transform your enterprise and empower individual teams to work and ship independently, while maintaining compliance and governance requirements, through a centralised system. Discover: How CircleCI can help make platform engineering an integral part of their internal development platform. How to easily centralise essential components such as development processes, testing, infrastructure provisioning, project management, and observability. How platform teams operate in large organisations.