The National Institute of Standards and Technology (NIST) has issued the NIST SP 800-204C “Implementation of DevSecOps for a Microservices-based Application with Service Mesh.”
NIST released on March 8, 2022 a new Special Publication (SP) 800-204C, which provides a “comprehensive guidance for the implementation of DevSecOps primitives for a reference platform hosting a cloud-native application.”
The new guideline includes an overview of the DevSecOps platform to include CI/CD pipelines, its building blocks, the design and execution of CI/CD pipelines and automation for efficient workflows.
Related Articles
- DevSecOps best practices to secure cloud-native and microservices-based applications
- NotLegit: 4-year old Microsoft Azure App Service 0-day vulnerability affects source code repositories
- GitHub fixes 2 npm registry vulnerabilities
- The 2020 CWE Top 25 Most Dangerous Software Weaknesses
- Guidelines for securing Content Management Systems
- Microsoft introduces Application Inspector
- GitHub launches ‘Security Lab’ to help secure open source software
- Misconfigured Docker containers abused to deliver cryptocurrency mining malware