The Ultimate Guide to DevSecOps
A curated Kiwi edition of TechDay news, analysis, interviews, reviews, job moves, and related resources for DevSecOps.
What to know about DevSecOps
DevSecOps represents the integration of security practices within the DevOps process, aiming to build security into every phase of software development and delivery. This approach helps organisations accelerate development cycles while maintaining strong security and compliance standards.
Exploring recent stories tagged with DevSecOps reveals a dynamic field where AI-driven tools, cloud-native security, and collaboration between development, security, and operations teams are shaping the future of secure software delivery. Topics such as risk management, container and API security, supply chain protection, and the rising importance of observability and automation are frequently discussed.
For readers interested in how organisations are addressing evolving cybersecurity threats while enhancing agility and innovation, the DevSecOps tag offers insights into technology advancements, cultural shifts, and best practices that help teams deliver resilient, secure software faster. Whether you are a developer, security professional, or IT leader, following DevSecOps stories provides valuable perspectives on securing modern software development in an increasingly complex digital landscape.
Kiwi DevSecOps News
Regional stories with direct local relevance
Capture The Bug adds US tech leaders for North American push
Hamilton-born Capture The Bug taps top US tech leaders to drive North American growth as demand rises for continuous security testing.
Top cybersecurity achievements celebrated at 2023 iSANZ Awards
New Zealand's cybersecurity heroes, including KPMG's Philip Whitmore and BNZ teams, were honoured at the 2023 iSANZ Awards for advancing digital resilience nationwide.
Auldhouse significantly expands cybersecurity training offerings
Auldhouse set to become one of New Zealand's leading cybersecurity training providers, gaining official rights to the world's top cybersecurity certifications.
NZ financial firms bolster secure software development with Checkmarx
Two major financial institutions in New Zealand have refreshed their application security measures with the help of security specialist Checkmarx.
Analyst Insights
Research and market analysis connected to DevSecOps
Gigamon eyes AI-led surge in network observability
Legacy tech blocks AI projects across Asia Pacific
Codenotary launches AgentX for Linux security automation
DigiCert posts record ARR after Valimail acquisition
Zero Networks launches Kubernetes Access Matrix tool
Featured News
Upwind Expands to Sydney: Real Time Cloud Security for APJ
Upwind Security opens a Sydney base to serve APJ customers with real-time cloud and AI workload protection, backed by a USD $250 million funding round.
AI agents multiply risk, says DigiCert chief product officer
DigiCert's Chief Product Officer Deepika Chahuan says organisations must gain visibility over AI agents, or risk chaos as deployments accelerate.
Google Cloud CEO sets out enterprise AI agent plan
Google Cloud's Thomas Kurian unveils Gemini Enterprise as an open, secure workplace AI platform linking models, data, chips and security.
UiPath Accelerates AI in Software Development and Testing
UiPath is pushing AI deeper into software testing, promising autonomous agents that transform quality assurance and developers' roles.
Grafana: Turning data chaos into developer efficiency and CFO savings
Grafana leans on AI-powered observability and Adaptive Telemetry to sharpen developer insight while slashing cloud bills by up to 50%.
Expert Columns
From 398 to 200 Days: Understanding the TLS Certificate Lifespan Reduction
Secure by default: Moving beyond secure by design
Why the next endpoint and SASE disruption will not come from a security vendor
The security challenges in AI-assisted software development
How AI-powered log management unlocks observability
Agentic AI double agents expose dangerous security gaps
Automation vital as TLS certificate lifespans shrink
Why auto update is the most underrated security feature on your firewall
AI, compliance and security trends for 2026
Integrating AppSec for efficient DevSecOps
Interviews
Interviews and video coverage from the networkRecent DevSecOps News
Kamiwaza launches AI platform for regulated sectors
Kamiwaza AI debuts version 1.0 platform for healthcare, banking and government users, promising governed access and hardened infrastructure.
Chainguard launches compliant EKS add-ons in AWS Marketplace
Chainguard brings compliant EKS add-ons to AWS Marketplace, giving regulated organisations FIPS 140-3 validated Kubernetes components with zero known CVEs.
Cloudflare warns of AI code review prompt injection
Cloudflare says indirect prompt injection can fool AI code reviewers, with malicious scripts slipping past models when buried in large files and comment noise.
OpenObserve raises USD $10 million for Observability 3.0
OpenObserve wins USD $10 million backing to expand its Observability 3.0 platform, adding AI SRE and LLM monitoring for enterprise customers.
Intruder launches AI pentesting for faster validation
Intruder's new AI Pentesting tool aims to validate scanner findings in minutes, easing pressure on security teams facing faster-moving threats.
Keeper Security launches Agent Kit for AI coding agents
Keeper Security launches Agent Kit to let AI coding assistants handle secrets and admin tasks without exposing credentials in chat logs.
Intruder launches AI pentesting to cut vulnerability triage
Intruder launches AI Pentesting to help security teams validate scanner findings faster as pressure mounts over shrinking exploit windows.
Virtana adds AWS Bedrock Guardrails support to AI Factory
Virtana expands AI Factory Observability with AWS Bedrock Guardrails support, giving security teams deeper insight into enterprise LLM behaviour and anomalies.
.webp)
Qualys warns cloud risk now stems from identity design
Qualys report says cloud breaches are increasingly driven by identity design, delegated trust and slow remediation as AI widens exposure.
GitLab deepens Anthropic Claude integration for governance
GitLab adds Anthropic's latest Claude models to Duo Agent Platform, giving enterprises cloud-based access with governance, compliance and audit controls.
API attacks surge as AI exposure raises cyber risk
Akamai survey finds APIs are now cybercriminals' main target, with AI-linked interfaces under attack and incidents costing organisations more than USD $700,000.
MathWorks adds AI copilot tools to MATLAB & Simulink
MathWorks adds Simulink Copilot and Polyspace Copilot in R2026a, bringing generative AI tools to embedded design, code analysis and verification.
.webp)
UiPath links Databricks data & expands Deloitte tests
UiPath deepens Databricks and Deloitte ties to push governed AI workflows and automated testing across enterprise data operations.
AI flaws & supply-chain risks top new pentesting report
Cobalt's annual pentesting study says AI and supplier tools are exposing fresh weaknesses, with security teams struggling to keep pace with rapid deployment.
Wiz expands AI security coverage across cloud & edge
Wiz adds Red Agent preview and wider tools for AI code, Databricks, multicloud services and edge risk across cloud environments.
CrowdStrike launches AI security coalition with partners
CrowdStrike unveils AI security coalition with Accenture, EY, IBM Cybersecurity Services, Kroll and OpenAI to spot and fix code flaws faster.
Thales launches Imperva for Google Cloud in controlled availability
Thales brings Imperva into Google Cloud as controlled launch targets app and API protection with lower latency and simpler operations.
Lineaje survey finds AI code confidence outpaces visibility
Lineaje survey flags a widening governance gap as most firms use AI-generated code, yet few can fully see or track it.
Claude Code can leak secrets in public npm packages
Check Point says Anthropic's Claude Code can quietly stash credentials in .claude/settings.local.json, which may be published in public npm packages.
Check Point teams with Google Cloud on AI agent security
Check Point and Google Cloud add governance and live monitoring to enterprise AI agents as firms race to secure autonomous workflows.