How-To 2 min read

No Secret Left Behind: Detecting Custom Secrets on GitHub

Your custom secrets are likely some of the most critical to protect. This post outlines how you can up-level your scanning with a simple regular expression pattern added to the Secret Scanner skill, which is not covered by your Git provider scans, like GitHub's secret scanning.

No Secret Left Behind: Detecting Custom Secrets on GitHub

Your custom secrets are likely some of the most critical to protect. This post outlines how you can up-level your scanning with a simple regular expression pattern added to the Secret Scanner skill, which is not covered by your Git provider scans, like GitHub's secret scanning.

DevOps 3 min read

Continuous npm-audit: Keep your code safe and stay sane

Security starts at home, and using `npm audit` as part of your local development process is highly recommended. This post will address the importance of making your audits automatic and how to package up the fixes in tidy pull requests — you'll keep your codebase safer while staying sane.

Continuous npm-audit: Keep your code safe and stay sane

Security starts at home, and using `npm audit` as part of your local development process is highly recommended. This post will address the importance of making your audits automatic and how to package up the fixes in tidy pull requests — you'll keep your codebase safer while staying sane.

Skills 3 min read

Don't leak 'em (your secrets)

Don't risk letting credentials and sensitive information sit in your codebase for the taking. You need an in-depth defense strategy to keep all your secrets under wraps. In this post, we outline a few ideas and examples.

Don't leak 'em (your secrets)

Don't risk letting credentials and sensitive information sit in your codebase for the taking. You need an in-depth defense strategy to keep all your secrets under wraps. In this post, we outline a few ideas and examples.

New Feature 3 min read

Introducing Skills — Automation Apps for DevEx and DevOps

Today we're shipping the public beta of our Skills catalog, which encapsulates knowledge in the form of pre-built automations (called skills) that you configure to use — like a purpose-built IFTTT recipe.

Introducing Skills — Automation Apps for DevEx and DevOps

Today we're shipping the public beta of our Skills catalog, which encapsulates knowledge in the form of pre-built automations (called skills) that you configure to use — like a purpose-built IFTTT recipe.

How-To 2 min read

How ChatOps Helps Us Streamline Our Work

A simple issue notification in Slack with actions attached can tell you the essentials — making the notification actionable removes the distance between information and action, cutting out dozens of trips per day to a browser tab for a click or comment.

How ChatOps Helps Us Streamline Our Work

A simple issue notification in Slack with actions attached can tell you the essentials — making the notification actionable removes the distance between information and action, cutting out dozens of trips per day to a browser tab for a click or comment.

DevOps 4 min read

Get control of your code and process

Drift is the divergence of your code and configuration from where you would want it to be, from an ideally current state. It happens over time and typically goes unnoticed until something breaks or an exploit happens. Tame drift with Atomist.

Get control of your code and process

Drift is the divergence of your code and configuration from where you would want it to be, from an ideally current state. It happens over time and typically goes unnoticed until something breaks or an exploit happens. Tame drift with Atomist.