Voozh

👁 CI/CD, GitOps, pipelines, Jenkins, kubernetes, kpack, buildpacks, CI/CD, Codefresh, Komodor, AI, clusters, kubernetes, generative AI Kubernetes Argo container security continuous SQL Server Windocks Tekton Kubeflow Red Hat CI/CD

Where DevOps Pipelines Break: Real Attack Paths in Cloud-Native CI/CD

While traditional security focuses on perimeters, modern attackers are moving upstream to the CI/CD pipeline. By compromising the build process rather than the final product, they can inject malicious code into trusted ...

Alex Vakulov | May 11, 2026 | Artifact Integrity, Build Server Vulnerabilities, CI/CD security, Dependency Poisoning, DevSecOps, Kubernetes security, Pipeline Hardening, Secret Management, SolarWinds Incident, Supply Chain Attacks

👁 Docker, secrets, gitguardian Thycotic Kubernetes secrets

Flare Finds 10,000 Docker Hub Images Exposing Secrets

Researchers found thousands of Docker images exposing API keys and tokens, revealing how secrets sprawl, shadow IT, and poor hygiene fuel modern breaches ...

Jeff Burt | December 16, 2025 | API, CI/CD security, cloud computing, container images, credentials, developers and containers, docker hub, exposed secrets, Flare Systems, passwords, shadow IT

👁 How AI and Python Can Transform Docker Security and Vulnerability Management

How AI and Python Can Transform Docker Security and Vulnerability Management

Automate Docker container security with Python. Use Trivy, Clair, and Dockle for CI/CD vulnerability scans and AI-based threat detection in DevSecOps ...

Advait Patel | October 7, 2025 | AI threat detection, AI-based anomaly detection, automated security scanning, CI/CD security, Clair, container security, containerized application security, DevSecOps automation, Docker image vulnerabilities, docker security, Docker threat detection, Dockle, machine learning in DevSecOps, Python Docker SDK, Python for cybersecurity, Python vulnerability scanner, real-time security monitoring, security in CI/CD pipelines, Trivy, Vulnerability Management

👁 runtime, visibility, Chainguard, threat, cloud-native security, Venafi, security, sigstore, KubeCon, cloud-native, security, secure, Rubrik, Kubernetes, Cloud-Native Security Best Practices

Runtime Visibility & AI-powered Security in Cloud-Native Environments

Kubernetes and cloud-native platforms have transformed software delivery — but also redefined the attack surface. As threats shift to runtime, visibility and real-time response have become the new security frontline. AI-driven anomaly ...

Alan Shimel | October 6, 2025 | AI copilot, AI governance, AI in cybersecurity, anomaly detection, automated response, CI/CD security, cloud native security, cloud security, cloud-native defense, container security, DevSecOps, explainable AI, kubernetes, LLMs in security, observability, platform engineering, runtime protection, runtime security, runtime visibility, security automation, security telemetry, service mesh, threat detection, zero-trust

URL: https://cloudnativenow.com/tag/ci-cd-security/

⇱ CI/CD security Archives - Cloud Native Now

Where DevOps Pipelines Break: Real Attack Paths in Cloud-Native CI/CD

Flare Finds 10,000 Docker Hub Images Exposing Secrets

How AI and Python Can Transform Docker Security and Vulnerability Management

Runtime Visibility & AI-powered Security in Cloud-Native Environments