¡La Guía de Ciberseguridad de CI/CD de la Continuous Delivery Foundation ahora está disponible en español! 🚀
Ayuda a equipos de ingeniería, seguridad y plataforma a fortalecer sus pipelines y mejorar la seguridad de la cadena de suministro de software.
Disponible aquí: https://cstu.io/1f648e

Rethinking Post-Deployment Vulnerability Detection | OpenSSF Discover why security doesn't end at build time. Tracy Ragan explores how SBOMs and digital twins bridge the gap in post-deployment vulnerability detection.

Rethinking #Post-DeploymentVulnerabilityDetection - my thoughts on what we need to do to find and fix newly reported #CVEs fast. @openssf.org https://cstu.io/6086b1

Securing the Software Supply Chain with Tracy Ragan, Founder at DeployHub T3 Talks · Episode

On the topic of post-deployment #SoftwareVulnerabilities - Thank you, {(urn:li:organization:1771406)[Virginia Tech Applied Research Corporation]}, for inviting me to their T3Talks - podcast. My thoughts on #CTEM https://cstu.io/998d5f

If you are at #vulncon2026, come by and say hello. I will be speaking - Breakout 2 - on Wednesday. Topic: Production Is the New Attack Surface: Why Post-Deployment Endpoint Detection Is Now Critical

What are the most important questions you need to answer for managing CVEs in live environments? Here are 3 to consider: www.linkedin.com/pulse/3-questions-every-...

If you will be at #VulnCon2026, April 13-16, come find me. I will be speaking on Wednesday, Breakout 2 - love to chat. My talk: Production Is the New Attack Surface: Why Post-Deployment Endpoint Detection Is Now Critical https://cstu.io/1f081c

Rethinking Post-Deployment Vulnerability Detection | OpenSSF Discover why security doesn't end at build time. Tracy Ragan explores how SBOMs and digital twins bridge the gap in post-deployment vulnerability detection.

Rethinking #Post-DeploymentVulnerabilityDetection - my thoughts on what we need to do to find and fix newly reported #CVEs fast. @openssf.org https://cstu.io/6086b1

If you will be at #VulnCon2026, April 13-16, come find me. I will be speaking on Wednesday, Breakout 2 - love to chat. My talk: Production Is the New Attack Surface: Why Post-Deployment Endpoint Detection Is Now Critical https://cstu.io/1f081c

The {(urn:li:organization:19100461)[Continuous Delivery Foundation]} Delivery Foundation Awards are open - Nominate or self-nominate in general CDF categories, and for each project. @cdeliveryfdn.bsky.social Learn more at https://cstu.io/3cf10f

If you will be at #VulnCon2026, April 13-16, come find me. I will be speaking on Wednesday, Breakout 2 - love to chat. My talk: Production Is the New Attack Surface: Why Post-Deployment Endpoint Detection Is Now Critical https://cstu.io/1f081c

What are the most important questions you need to answer for managing CVEs in live environments? Here are 3 to consider: www.linkedin.com/pulse/3-questions-every-...

If you will be at #VulnCon2026, April 13-16, come find me. I will be speaking on Wednesday, Breakout 2 - love to chat. My talk: Production Is the New Attack Surface: Why Post-Deployment Endpoint Detection Is Now Critical https://cstu.io/1f081c

If you will be at #VulnCon2026, April 13-16, come find me. I will be speaking on Wednesday, Breakout 2 - love to chat. My talk: Production Is the New Attack Surface: Why Post-Deployment Endpoint Detection Is Now Critical https://cstu.io/1f081c

Survey: AI Coding Exacerbates Existing DevOps Workflow Issues - DevOps.com AI is accelerating software delivery, but this speed comes at a cost. More than half of respondents (51%) to a Harness survey report AI-generated code leads to deployment problems at least half the time. Find out more here.

So, AI has complicated our pipelines, AI needs to help us get out of the complexity. @techstronggroup.bsky.social {(urn:li:organization:10866176)[Techstrong Group]} devops.com/survey-ai-coding-exacerb...

The {(urn:li:organization:19100461)[Continuous Delivery Foundation]} Awards are open - Nominate or self-nominate in general CDF categories, and for each project. @cdeliveryfdn.bsky.social Learn more at https://cstu.io/3cf10f

It was a pleasure chatting with Steve on the topic of vulnerabilities, and how we can cut the constant noise by focusing on addressing the ones that impact our live systems - post deployment. www.techleadertalk.com/managing-software-vulner...

What are the most important questions you need to answer for managing CVEs in live environments? Here are 3 to consider: www.linkedin.com/pulse/3-questions-every-...

The {(urn:li:organization:19100461)[Continuous Delivery Foundation]} Awards are open - Nominate or self-nominate in general CDF categories, and for each project. @cdeliveryfdn.bsky.social Learn more at https://cstu.io/479549

Macrohard: what it is — and what it isn’t (yet) What is Macrohard?

Honestly, I'm having a 'hard' time taking this seriously. And I never hear about Grok .https://cstu.io/cc3c0a

It was a pleasure chatting with Steve on the topic of vulnerabilities, and how we can cut the constant noise by focusing on addressing the ones that impact our live systems - post deployment. www.techleadertalk.com/managing-software-vulner...

The CDF Awards are open - Nominate or self-nominate in general CDF categories, and for each project. @cdeliveryfdn.bsky.social Learn more at https://cstu.io/479549

hackerbot-claw: An AI-Powered Bot Actively Exploiting GitHub Actions - Microsoft, DataDog, and CNCF Projects Hit So Far - StepSecurity A week-long automated attack campaign targeted CI/CD pipelines across major open source repositories, achieving remote code execution in at least 4 out of 5 targets. The attacker, an autonomous bot called hackerbot-claw, used 5 different ex...

Check your repos! @openssf published their first security alert, and it is big. hackerbot-claw: An AI-Powered Bot Actively Exploiting GitHub Actions - Microsoft, DataDog, and CNCF Projects Hit So Far - StepSecurity https://share.google/nTL8rigasYgm2FA2b

It was a pleasure chatting with Steve on the topic of vulnerabilities, and how we can cut the constant noise by focusing on addressing the ones that impact our live systems - post deployment. www.techleadertalk.com/managing-software-vulner...

AWS's Crosier Talks Accelerating Intelligence With the Space-Based Cloud Clint Crosier explains the evolution of the space-based cloud, and how AWS worked for nearly a decade to solve one of the most important operational challenges of the modern, connected age – getting a firm grasp on big data.

Satellite technology will become our future data centers. Learn about the #Space-Based-Cloud {(urn:li:organization:2382910)[Amazon Web Services (AWS)]} https://cstu.io/b2cf1b

Why “Digital Twins” Matter, and What They Offer to DevSecOps and Platform Engineers Software continues to become more complex and vulnerable, with microservices, Agentic AI, orchestration, infrastructure as code, dynamic configurations, and fluid environments adding to the heap. Keeping track of software security and syste...

Digital Twins in #DevSecOps and #PlatformEngineering can be the future of rapid response to vulnerabilities running in production. #supplychainsecurity #CICD @cdeliveryfdn.bsky.sociald https://cstu.io/99cb03

AWS's Crosier Talks Accelerating Intelligence With the Space-Based Cloud Clint Crosier explains the evolution of the space-based cloud, and how AWS worked for nearly a decade to solve one of the most important operational challenges of the modern, connected age – getting a firm grasp on big data.

Satellite technology will become our future data centers. Learn about the #Space-Based-Cloud {(urn:li:organization:2382910)[Amazon Web Services (AWS)]} https://cstu.io/b2cf1b

AI agents 2026's biggest insider threat: PANW security boss interview: Lock 'em down

If you follow me, you know I've been talking about #AIAgent security A LOT over the last year. Here are points on the topic from Wendi Whitmore, Chief Security Intel Officer @paloaltonetworks.com https://cstu.io/39f4d8

Why “Digital Twins” Matter, and What They Offer to DevSecOps and Platform Engineers Software continues to become more complex and vulnerable, with microservices, Agentic AI, orchestration, infrastructure as code, dynamic configurations, and fluid environments adding to the heap. Keeping track of software security and syste...

Digital Twins in #DevSecOps and #PlatformEngineering can be the future of rapid response to vulnerabilities running in production. #supplychainsecurity #CICD @cdeliveryfdn.bsky.sociald https://cstu.io/99cb03

Personal Details of Thousands of Border Patrol and ICE Goons Allegedly Leaked in Huge Data Breach A DHS whistleblower appears to have exposed data on federal immigration workers after the shooting of Renee Good.

Well, this does not surprise me. https://cstu.io/d45371

New Cybersecurity Rules for Pentagon’s Satellite Vendors The Pentagon recently issued new rules on cybersecurity measures that commercial satellite operators must employ.

I think the Pentagon may have heard our DeployHub pitch - their new rules include: Implement security patch management for on-board and ground segment software, yes, Post-Deployment detection required #cybersecurity #satelliteoperators https://cstu.io/181ecd