The Ultimate Guide to DevSecOps
A curated Irish edition of TechDay news, analysis, interviews, reviews, job moves, and related resources for DevSecOps.
What to know about DevSecOps
DevSecOps represents the integration of security practices within the DevOps process, aiming to build security into every phase of software development and delivery. This approach helps organisations accelerate development cycles while maintaining strong security and compliance standards.
Exploring recent stories tagged with DevSecOps reveals a dynamic field where AI-driven tools, cloud-native security, and collaboration between development, security, and operations teams are shaping the future of secure software delivery. Topics such as risk management, container and API security, supply chain protection, and the rising importance of observability and automation are frequently discussed.
For readers interested in how organisations are addressing evolving cybersecurity threats while enhancing agility and innovation, the DevSecOps tag offers insights into technology advancements, cultural shifts, and best practices that help teams deliver resilient, secure software faster. Whether you are a developer, security professional, or IT leader, following DevSecOps stories provides valuable perspectives on securing modern software development in an increasingly complex digital landscape.
Analyst Insights
Research and market analysis connected to DevSecOps
Quali expands Torque for enterprise AI infrastructure
Checkmarx launches AI inventory for code governance
Secure Code Warrior launches AI adoption model for CISOs
Checkmarx named leader in Gartner supply chain quadrant
Cycloid launches managed environments for platform teams
Featured News
Humanoid robots, 0-day defence among Info-Tech trends for '27
Agentic AI, zero-day surge, sovereign cloud, and humanoid robots will define IT strategy in 2027, Info-Tech Research Group warns.
Google Cloud CEO sets out enterprise AI agent plan
Enterprises will get one place to build, govern and run AI agents, as Google Cloud expands Gemini Enterprise across models, data and security.
Expert Columns
Your annual penetration testing is already out of date
As agentic development accelerates, workflow auditability becomes a bottleneck
Secure by default: Moving beyond secure by design
Why the next endpoint and SASE disruption will not come from a security vendor
The security challenges in AI-assisted software development
Interviews
Interviews and video coverage from the network
Recent DevSecOps News
Linux Foundation launches Akrites to fix open source flaws
Backed by Amazon, Google and Microsoft, the scheme aims to speed fixes for flaws that could ripple through banks, hospitals and power grids.
Qodo launches governance tools for AI code reviews
AI-generated code is outpacing enterprise review processes, prompting Qodo to add tools that flag cross-repo risks and enforce standards.
Oracle expands defence ecosystem with 10 new firms
Defence buyers could gain faster access to AI, robotics and secure communications as Oracle broadens its programme with 10 more start-ups.
NCC Group joins OpenAI Daybreak cyber partner programme
The tie-up gives NCC Group early access to GPT-5.5-Cyber, as OpenAI seeks trusted testers for defensive uses of its cyber tools.
New Relic launches startup AI observability programme
The offer gives early-stage AI startups free monitoring and engineering support as software failures can quickly damage customer trust and funding prospects.
Dify flaws expose cross-tenant AI data, Zafran says
Users of Dify's cloud service could have had private chats and files exposed after Zafran Security disclosed four flaws in the AI platform.
Tsuga raises USD $35 million to expand AI observability
Rising AI data volumes are forcing observability vendors to rethink pricing and storage as Tsuga wins fresh backing to keep telemetry in-house.
GitLab warns of AI code governance gap in new report
Most organisations now use multiple AI coding tools, but many still cannot reliably trace, review or govern the code once it reaches production.
IBM joins OpenAI cyber programme with app security tool
Enterprise security teams gain a new AI-assisted way to spot exploitable code flaws, as IBM widens its cyber work with OpenAI.
Finite State to spotlight automotive supply chain security
Carmakers face tougher proof requirements as software-heavy vehicles multiply vulnerabilities across suppliers, apps and cloud systems.
OpenAI expands Daybreak with patching tools & partners
The move aims to help defenders turn faster vulnerability discovery into working fixes, as OpenAI broadens access to its cyber tools and partners.
Qualys study calls for unified attack surface management
Security teams want daily scanning and clearer risk rankings as cloud sprawl and third-party reliance widen attack surfaces, a survey found.
Spur adds no-code Cloudflare integration for Monocle
Security teams can now block or review suspicious anonymised traffic in minutes, with no engineering work, through Spur's new Cloudflare link.
GitGuardian launches endpoint protection for laptops
A single compromised laptop can expose thousands of live keys, according to GitGuardian's early field tests, as attacks shift to developer machines.
Checkmarx launches hybrid AI engine for code scanning
False alerts and missed flaws are the target as the new engine aims to help security teams scan AI-written code more reliably.
Mini Shai-Hulud worm turns public, NCC Group warns
Public release of the Mini Shai-Hulud code means copycat attacks can now hit developers, CI/CD systems and open-source supply chains.
CrowdStrike expands QuiltWorks with AWS on AI security
AWS customers will gain broader visibility into AI and cloud risks as CrowdStrike adds new monitoring, trials and private connectivity.
Patchstack & GoDaddy add WordPress vulnerability detection
Eligible Managed WordPress customers gain visibility into flaws as they are disclosed, as WordPress attacks are being exploited within hours.
Cloud202 launches Qubitz AI for cheaper business apps
Enterprises could cut AI app development costs by up to 80% as Cloud202 targets the gap between prototypes and secure production systems.
Cohesity launches Maestro to bring backup into AI apps
Backup and recovery tasks can now be triggered inside popular AI assistants, as Cohesity opens its tools to external workflows through MCP.