Security works best when it is built into the pipeline, not bolted on at the end. The posts in this collection are about doing exactly that — turning CI/CD into a place where vulnerabilities, misconfigurations and leaked secrets get caught automatically, before they ever reach production. This is the approach I use to ship quickly without trading away safety.

You will find hands-on guides on scanning infrastructure as code, catching container vulnerabilities with Docker Scout, connecting GitLab to AWS with OIDC instead of long-lived keys, and wiring automated security gates into your delivery flow. The theme throughout is automation: make the secure path the default path, so good security does not depend on anyone remembering to do it.

Articles in this topic

• Claude Code Security: The Smart Way to Integrate AI Feb 2026
• Build a DevSecOps Pipeline on AWS: A Hands-On Guide Jan 2026
• AWS DevOps Agent: AI-Powered Incident Investigation Dec 2025
• Modernizing Bot Infrastructure: A Kubernetes Success Story Jan 2025
• Kubernetes Secrets: A Guide to Secure Secret Injection Sep 2024
• Integrating GitLab and AWS with OIDC (No Static Keys) Aug 2024
• Identifying Risks: Docker Scout's Vulnerability Scan on GitLab Jul 2024
• Automating Code Reviews with GitLab CI/CD and Ollama May 2024
• Automated Security Scanning for Infrastructure as Code with GitLab Feb 2024
• Automating Security Scanning and Uploading Results to DefectDojo in GitLab CI/CD Oct 2023
• Installing an SSL Certificate on a Windows Server with Ansible Sep 2022
• Automating Slackbot Deployment with Ansible and Jenkins May 2022
• Ansible to setup LAMP application on VMs hosted in Azure Mar 2022
• Deploy SharePoint Framework Web Part using Bitbucket Pipelines & Deployments Sep 2019
• SharePoint Framework Web Part – Continuous Integration and Delivery Sep 2018