$ tag: CI/CD
# All the articles with the tag "CI/CD".
-
DAST with OWASP ZAP in CI/CD Pipelines
Dynamic Application Security Testing often gets skipped because it's hard to automate. Here's how to integrate OWASP ZAP into your pipeline without it becoming a blocker.
-
Hardening GitHub Actions Workflows
GitHub Actions is powerful and widely trusted — which makes misconfigured workflows a high-value attack target. Here's how to lock them down.
-
Secrets Management in CI/CD Pipelines
How to stop treating secrets as an afterthought in your pipelines — and what actually works in practice.