DevSecOps 6 min read

Keeping up with Docker Official Images

Get a better approach for managing your Dockerfiles. You'll never fall behind when important fixes roll out. See how we did it at Atomist and how you can get early access to our Docker policy.

Keeping up with Docker Official Images

Get a better approach for managing your Dockerfiles. You'll never fall behind when important fixes roll out. See how we did it at Atomist and how you can get early access to our Docker policy.

Skills 6 min read

The Best of Tools Are Those That Reduce Friction

This is a guest post by Justin Florentine, Director of Software Engineering at Elsevier. Justin shares his perspective on how and why friction happens in software. He presents the perks of using automation and how automating tasks is the simplest way to get the job done right.

The Best of Tools Are Those That Reduce Friction

This is a guest post by Justin Florentine, Director of Software Engineering at Elsevier. Justin shares his perspective on how and why friction happens in software. He presents the perks of using automation and how automating tasks is the simplest way to get the job done right.

How-To 3 min read

No Secret Left Behind: Detecting Custom Secrets on GitHub

Your custom secrets are likely some of the most critical to protect. This post outlines how you can up-level your scanning with a simple regular expression pattern added to the Secret Scanner skill, which is not covered by your Git provider scans, like GitHub's secret scanning.

No Secret Left Behind: Detecting Custom Secrets on GitHub

Your custom secrets are likely some of the most critical to protect. This post outlines how you can up-level your scanning with a simple regular expression pattern added to the Secret Scanner skill, which is not covered by your Git provider scans, like GitHub's secret scanning.

Start using Atomist today. Get early access.

Try Atomist For Free
DevOps 3 min read

Continuous npm-audit: Keep your code safe and stay sane

Security starts at home, and using `npm audit` as part of your local development process is highly recommended. This post will address the importance of making your audits automatic and how to package up the fixes in tidy pull requests — you'll keep your codebase safer while staying sane.

Continuous npm-audit: Keep your code safe and stay sane

Security starts at home, and using `npm audit` as part of your local development process is highly recommended. This post will address the importance of making your audits automatic and how to package up the fixes in tidy pull requests — you'll keep your codebase safer while staying sane.

Skills 3 min read

Don't leak 'em (your secrets)

Don't risk letting credentials and sensitive information sit in your codebase for the taking. You need an in-depth defense strategy to keep all your secrets under wraps. In this post, we outline a few ideas and examples.

Don't leak 'em (your secrets)

Don't risk letting credentials and sensitive information sit in your codebase for the taking. You need an in-depth defense strategy to keep all your secrets under wraps. In this post, we outline a few ideas and examples.