all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

From Theory to Practice: Navigating NIST's CI/CD Security Strategies

Add to bookmarks
Sept. 11, 2023, 9:32 p.m. | Neta Spektor

Legit Security Blog www.legitsecurity.com




On August 30, 2023, NIST published SP 800-204D, an Initial Public Draft (IPD) Named: “Strategies for the Integration of Software Supply Chain Security in DevSecOps CI/CD pipelines”. The publication takes the SSDF's high-level policies and sets a guideline for how to comply to them using CI/CD pipelines. With this, you can automate the process of compliance, guarantee that all artifacts that went through the pipelines are compliant, and make the process as zero-trust as possible.


This blog post delves …

august cd pipelines cd security devsecops explainers high integration nist pipelines policies practice public security security strategies software software supply chain software supply chain security strategies supply supply chain supply chain security theory

Visit resource

More from www.legitsecurity.com / Legit Security Blog

Dependency Confusion Vulnerability Found in an Archived Apache Project 1 week, 4 days ago | www.legitsecurity.com
apache appsec best practices dependency +10
The Role of ASPM in Enhancing Software Supply Chain Security 2 weeks, 1 day ago | www.legitsecurity.com
appsec aspm best practices critical +14
How to Reduce the Risk of Using External AI Models in Your SDLC 3 weeks ago | www.legitsecurity.com
address ai models appsec best practices +5
Securing the Software Supply Chain: Risk Management Tips 1 month ago | www.legitsecurity.com
appsec best practices can explainers +15
What You Need to Know About the XZ Utils Backdoor 1 month ago | www.legitsecurity.com
announcement appsec backdoor legit +3
How to Get the Most From Your Secrets Scanning 1 month, 1 week ago | www.legitsecurity.com
amp appsec best practices code +17
Microsoft Under Attack by Russian Cyberattackers 1 month, 2 weeks ago | www.legitsecurity.com
appsec attack attackers best practices +11
Don't Miss These Emerging Trends in Cloud Application Security 1 month, 2 weeks ago | www.legitsecurity.com
application application security appsec best practices +9
Using AI to Reduce False Positives in Secrets Scanners 1 month, 3 weeks ago | www.legitsecurity.com
appsec best practices false positives legit +6

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

Senior Security Specialist, Forsah Technical and Vocational Education and Training (Forsah TVET) (NEW)

@ IREX | Ramallah, West Bank, Palestinian National Authority
View on infosec-jobs.com

Consultant(e) Junior Cybersécurité

@ Sia Partners | Paris, France
View on infosec-jobs.com

Senior Network Security Engineer

@ NielsenIQ | Mexico City, Mexico
View on infosec-jobs.com

Senior Consultant, Payment Intelligence

@ Visa | Washington, DC, United States
View on infosec-jobs.com

Corporate Counsel, Compliance

@ Okta | San Francisco, CA; Bellevue, WA; Chicago, IL; New York City; Washington, DC; Austin, TX
View on infosec-jobs.com

Security Operations Engineer

@ Samsara | Remote - US
View on infosec-jobs.com
View more jobs