Resources to help developers build the knowledge and skills needed to build robust, scalable, and secure enterprise applications. Explore a range of topics essential for enterprise software development, including continuous integration and continuous deployment (CI/CD), effective collaboration tips, and the principles of DevOps and DevSecOps.
To best apply DevSecOps principles to improve the security of your supply chain, you should ask your developers to declare your dependencies in code; and in turn provide your developers with maintained ‘golden’ artifacts and automated downstream actions so they can focus on code.
GitHub’s team delves into answering the question “what are operations roles in the development and operations (DevOps) environments”. From automating the role of QA in DevOps and more for smaller, faster delivery cycles.
GitHub has the privilege of partnering with thousands of organizations to improve their DevOps practices, from established enterprises transforming the way they work to born-in-the-cloud businesses. We often connect developers,…
This is the second post in our series on DevOps fundamentals. For a guide to what DevOps is and answers to common DevOps myths check out part one. What role…
How GitHub measures and improves reliability, security, and developer happiness with automated deployments.
This is our second post on cloud deployment with containers. Looking for more? Join our upcoming GitHub Actions webcast with Sarah, Solutions Engineer Pavan Ravipati, and Senior Product Manager Kayla…
This is a guest post by Jimmy Whitaker, senior data science evangelist at Pachyderm In the last few years, DevOps has begun to shift—from a culture of continuous integration and…
See this post in action during GitHub Demo Days on October 16. What makes a project successful? For developers building cloud-native applications, successful projects thrive on transparent, consistent, and rigorous…
By now, most people in technology are familiar with the term DevOps. What we call “DevOps” will often differ between organizations, yet one thing remains the same: DevOps is defined…
This post is the second in our series on using GitHub for MLOps and data science. Just joining in? Get started with part one. Most continuous integration (CI) tools only…
In this interview, we dig deeper with Maya Kaczorowski on what DevSecOps is, and how to apply it. It’s a mindset shift in how development teams think about security. DevSecOps is about making all parties who are part of the application development lifecycle accountable for security of the application.
Integrating static analysis security testing into the developer workflow is hard. We discuss the challenges and how to overcome them
This is a guest post by Rahul Chhabria, Director of Product Marketing at Sentry. At Sentry, we believe that code is the center of every experience and when code works,…
When developers share the responsibility of security, perform security testing earlier in your development lifecycle, and use Git as a source of truth, you can help your development teams find and remediate security issues faster.
GitHub provides the security capabilities to achieve Level 1 of the OWASP DevSecOps Maturity Model. In this post, we explore the principles of DSOMM Level 1 and how you can implement secret scanning, SCA, SAST and DAST using native tooling on GitHub.
Build what’s next on GitHub, the place for anyone from anywhere to build anything.
