all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

From Theory to Practice: Navigating NIST’s CI/CD Security Strategies

Add to bookmarks
Sept. 11, 2023, 9:32 p.m. | Neta Spektor

Security Boulevard securityboulevard.com




On August 30, 2023, NIST published SP 800-204D, an Initial Public Draft (IPD) Named: “Strategies for the Integration of Software Supply Chain Security in DevSecOps CI/CD pipelines”. The publication takes the SSDF's high-level policies and sets a guideline for how to comply to them using CI/CD pipelines. With this, you can automate the process of compliance, guarantee that all artifacts that went through the pipelines are compliant, and make the process as zero-trust as possible.


This blog post delves …

august cd pipelines cd security devsecops explainers high integration nist pipelines policies practice public security security strategies software software supply chain software supply chain security strategies supply supply chain supply chain security theory

Visit resource

More from securityboulevard.com / Security Boulevard

Airsoft Data Breach Exposes Data of 75,000 Players 3 hours ago | securityboulevard.com
airsoft attack surface authentication breach +31
Palo Alto Networks Extends SASE Reach to Unmanaged Devices 7 hours ago | securityboulevard.com
alto devices devops devsecops +20
USENIX Security ’23 – Cryptographic Deniability: A Multi-perspective Study of User Perceptions and Expectations 7 hours ago | securityboulevard.com
access authors channel conference +17
The impact of automating open source dependency management 7 hours ago | securityboulevard.com
automation business consuming customer +14
Unlocking SMB Cybersecurity: The Rise of Virtual CISOs in 2024 and Beyond 7 hours ago | securityboulevard.com
align beyond business businesses +20
Navigating Container Security with AttackIQ’s Optimization Solutions 8 hours ago | securityboulevard.com
attackiq businesses challenge cloud security +19
CEO Discusses MDR Service With a Risk-Based Approach 9 hours ago | securityboulevard.com
aids apps artificial artificial intelligence +29
GitLab ‘Perfect 10’ Bug Gets a CISA Warning: PATCH NOW 9 hours ago | securityboulevard.com
agency analytics & intelligence api security bug +70
Our New “Days of Rage” Protest Activity and Considerations for Corporate Security 9 hours ago | securityboulevard.com
article attack college corporate +23

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

Senior Security Engineer - Detection and Response

@ Fastly, Inc. | US (Remote)
View on infosec-jobs.com

Application Security Engineer

@ Solidigm | Zapopan, Mexico
View on infosec-jobs.com

Defensive Cyber Operations Engineer-Mid

@ ISYS Technologies | Aurora, CO, United States
View on infosec-jobs.com

Manager, Information Security GRC

@ OneTrust | Atlanta, Georgia
View on infosec-jobs.com

Senior Information Security Analyst | IAM

@ EBANX | Curitiba or São Paulo
View on infosec-jobs.com

Senior Information Security Engineer, Cloud Vulnerability Research

@ Google | New York City, USA; New York, USA
View on infosec-jobs.com
View more jobs