Operations | Monitoring | ITSM | DevOps | Cloud

CircleCI

A guide to static application security testing (SAST)

Static application security testing (SAST) involves analyzing source code to identify and address potential security vulnerabilities. Using SAST early in development identifies threats before they can affect a live environment. SAST is particularly important for continuous integration and continuous deployment (CI/CD) pipelines. These pipelines automate the integration of new code changes into the main codebase and deploy applications to production environments.

Setting up continuous integration with CircleCI and GitLab

CircleCI supports GitLab as a version control system (VCS). In this tutorial you will learn how to set up your first CircleCI CI/CD pipeline for a project hosted on GitLab. As GitLab can be used either as a SaaS tool, as well as self-managed on-premise installation, I will cover the steps to connect it with CircleCI for both.

Role-based credential management with OIDC

In our article on managing static credentials, we discussed the necessity of secrets — the passwords, tokens, and API keys that connect digital services together — and the importance of keeping them secure so that your infrastructure and data are kept safe from intrusion and misuse. For organizations delivering software at scale, managing credentials across multiple teams and projects can quickly become tedious and error-prone, creating bottlenecks and unnecessary risk.

Platform Engineering: The Key to Successful Digital Transformation for the Enterprise

Explore how Platform Engineering can transform your enterprise and empower individual teams to work and ship independently, while maintaining compliance and governance requirements, through a centralised system. Discover: How CircleCI can help make platform engineering an integral part of their internal development platform. How to easily centralise essential components such as development processes, testing, infrastructure provisioning, project management, and observability. How platform teams operate in large organisations.

Static credential management for platform engineers

Cloud CI/CD is a force multiplier for development teams, especially those working remotely. Automated CI/CD takes load off of developers, allowing them to focus on building better products. Hosted CI/CD adds further benefit to this, ensuring that this newfound capacity isn’t spent managing the testing and deployment infrastructure, and that remote team members have easy access to CI/CD tools.

DevOps is dead? Nope, it is maturing ft. Jesse Robbins of Heavybit

In this episode, Rob sits down with the DevOps “party starter” himself, Jesse Robbins, to discuss the current state of software delivery. Is DevOps really dead, or are we simply witnessing a maturing model as organizations grow and evolve? Tune it to hear Jesse’s valuable take on where he sees the industry moving and the potential complexities on the horizon.

CircleCI config policies: A tale of empowerment and control

If you’ve worked in a large, security-minded organization, you know how developers’ need for speed often clashes with the organization’s need for security. Often this conflict erupts into a high-stakes battle between two teams with very different priorities and perspectives. Ok, it may not always be so dramatic, but the challenge of control and empowerment is very real.