{"id":102071,"date":"2025-06-04T17:06:31","date_gmt":"2025-06-04T15:06:31","guid":{"rendered":"https:\/\/staging.checkmarx.com\/?post_type=learn&#038;p=102071"},"modified":"2025-06-25T22:29:13","modified_gmt":"2025-06-25T20:29:13","slug":"how-to-protect-your-pipeline-with-devsecops","status":"publish","type":"learn","link":"https:\/\/checkmarx.com\/learn\/how-to-protect-your-pipeline-with-devsecops\/","title":{"rendered":"How to Protect Your Pipeline With DevSecOps"},"content":{"rendered":"<p>We\u2019ve all seen it: a fast-moving continuous integration and continuous deployment (CI\/CD) pipeline gets code out the door quickly, but with a few security oversights that only become apparent when it\u2019s too late. A <a href=\"https:\/\/arxiv.org\/abs\/2401.17606?utm_source=chatgpt.com\">recent study<\/a> of over 320,000 GitHub repos with CI\/CD configurations found widespread issues, everything from exposed secrets to malicious injections, could easily slip past unnoticed.<\/p>\n\n\n\n<p>That\u2019s where DevSecOps comes in. It\u2019s not about adding one more layer of process. It\u2019s about building security into the foundation of how we write, test, and ship code. When everyone shares responsibility, you stop treating DevOps security like a final gate and start making it part of the flow.<\/p>\n\n\n\n<p>Teams are eliminating vulnerabilities by baking automated security checks into every stage of their pipeline: static analysis on every pull request, open-source scanning on every build, and secret detection before code even hits version control.<\/p>\n\n\n\n<p>DevSecOps gives us the blueprint to secure our code without slowing us down. That starts with visibility, automation, and the right cultural mindset.<\/p>\n\n\n\n<h2 class=\"wp-block-heading article-anchor\" id=\"article-anchor-1\"><strong>1. 
Common Pipeline Weak Spots and How to Fix Them<\/strong><\/h2>\n\n\n\n<p>Even the most mature pipelines have cracks because modern software delivery is complex by design. We rely on dozens of tools, plugins, and third-party services to move fast, but every component introduces potential risk.&nbsp;<\/p>\n\n\n\n<p>Open-source dependencies can come bundled with known vulnerabilities. Misconfigured access controls can give attackers a clear path to sensitive systems. Meanwhile, secrets, including API keys, credentials, and tokens, are often accidentally committed to source control in a rush to ship.&nbsp;<\/p>\n\n\n\n<p>These aren\u2019t theoretical problems. They\u2019re the kind of issues we see every day in real-world breaches. Here\u2019s how to take action using DevSecOps best practices:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>\n<strong>Use Software Composition Analysis (SCA)<\/strong> to scan third-party packages for vulnerabilities every time you build. Open-source components are a magnet for attackers, and most teams use them by the hundreds. Checkmarx One&#8217;s <a href=\"https:\/\/checkmarx.com\/cxsca-open-source-scanning\/\">SCA<\/a> integrates directly into your CI\/CD workflow to automatically identify known CVEs and license risks, giving your developers real-time feedback before a vulnerability makes it to production.<\/li>\n\n\n\n<li>\n<strong>Scan for hardcoded secrets<\/strong> with Checkmarx <a href=\"https:\/\/checkmarx.com\/product\/secrets-detection\/\">Secrets Detection<\/a> to keep credentials out of source code and prevent the risk of exposure. It only takes one overlooked API key to open the door to data theft or infrastructure compromise. Our scanning tools flag secrets the moment they hit the repo, so your team can fix issues before they\u2019re committed, or worse, pushed to a public repository.<\/li>\n\n\n\n<li>\n<strong>Set guardrails<\/strong> around who can access what in your build systems. 
<a href=\"https:\/\/checkmarx.com\/glossary\/malicious-code\/\">Least privilege access and role-based permissions<\/a> aren\u2019t just security best practices. They\u2019re essential for reducing your attack surface. With Checkmarx, you can enforce policy controls and automate alerts when access deviates from your security baseline.<\/li>\n<\/ul>\n\n\n\n<p>When security is embedded directly into your workflow, you can identify risks in real time, prioritize what matters most, and reduce the noise that leads to alert fatigue. Use this visibility to track exposure trends over time, set risk thresholds for different environments, and automate escalation paths when issues exceed defined severity levels.<\/p>\n\n\n\n<p>Integrate findings into your existing dashboards and reporting tools to give security and engineering teams a shared view of risk that drives collaborative, continuous improvement. With Checkmarx One, you see the entire picture, from code to container, so nothing slips through the cracks.<\/p>\n\n\n\n<h2 class=\"wp-block-heading article-anchor\" id=\"article-anchor-3\"><strong>2. 
Building Security Into Your Pipeline From Day One<\/strong><\/h2>\n\n\n\n<p>CI\/CD automation has transformed how fast we deliver code, but speed without security is a recipe for risk. That\u2019s why secure-by-design principles need to be embedded from the very first commit. When security controls are <a href=\"https:\/\/checkmarx.com\/blog\/securing-the-ai-development-lifecycle-from-code-generation-to-deployment\/\">built into development workflows<\/a> rather than bolted on later, you reduce friction, avoid technical debt, and catch vulnerabilities when they\u2019re cheapest to fix. The goal isn\u2019t to turn developers into security experts, but to empower them with the right tools, feedback, and guardrails, right where they work.<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>\n<strong>Static Application Security Testing (SAST) with contextual risk scoring<\/strong>: Go beyond basic static scanning with <a href=\"https:\/\/checkmarx.com\/cxsast-source-code-scanning\/\">contextual analysis<\/a> based on data flow, call hierarchy, and known exploitability, so developers can focus on fixing what matters most. Integrated directly into the dev workflow, it delivers prioritized results inside integrated development environments (IDEs) and source code management (SCM) systems, turning security findings into actionable code improvements.<\/li>\n\n\n\n<li>\n<strong>Build-time threat modeling and image hardening<\/strong>: Instead of just scanning containers, inject security posture earlier with automated threat modeling and base image analysis. Use Checkmarx integrations to identify misconfigurations in Dockerfiles, detect use of deprecated libraries, and enforce secure defaults before an image ever runs in production.<\/li>\n\n\n\n<li>\n<strong>Automated policy enforcement<\/strong>: It&#8217;s essential to define and enforce guardrails across your repositories and CI\/CD tools. 
With Checkmarx One, you can block merges or deployments if critical vulnerabilities are detected or automatically create tickets for remediation. Everything is orchestrated to align with your team\u2019s workflow.<\/li>\n\n\n\n<li>\n<strong>Developer enablement<\/strong>: Beyond just flagging issues, we surface remediation guidance in plain language, offer secure code snippets, and integrate with collaboration tools like Jira and Slack so developers can act fast, without leaving their environment.<\/li>\n<\/ul>\n\n\n\n<p>Building in security from day one isn\u2019t just more effective; it\u2019s simply more efficient. You reduce context switching, avoid costly rework, and foster a culture where writing secure code is just how things are done. Encourage developers to treat security findings like bugs, triaging and tracking them with the same urgency as functional defects.<\/p>\n\n\n\n<p>For example, use CI <a href=\"https:\/\/checkmarx.com\/learn\/container-security\/implementing-policy-management-for-container-security-compliance\/\">policies<\/a> to ensure every pull request runs through SAST and SCA gates. Set service level agreements (SLAs) for remediating high-risk findings and integrate those timelines directly into sprint planning. Most importantly, continuously review and refine your tooling to make sure it&#8217;s delivering actionable insights, not just noise.<\/p>\n\n\n\n<h2 class=\"wp-block-heading article-anchor\" id=\"article-anchor-4\"><strong>3. Scaling Secure Practices With Automation and ASPM<\/strong><\/h2>\n\n\n\n<p>Manual security reviews can\u2019t keep up with the speed of modern development. Every new microservice, integration, and release multiplies the risk landscape and the burden on security teams. 
To keep pace, DevSecOps engineers need scalable, automated solutions that embed security directly into CI\/CD pipelines and development environments without sacrificing speed or flexibility.<\/p>\n\n\n\n<p>That\u2019s where DevSecOps automation and Application Security Posture Management (<a href=\"https:\/\/checkmarx.com\/product\/aspm\/\">ASPM<\/a>) come in. Automation isn\u2019t just about running scans. It\u2019s about orchestrating the right checks at the right time with minimal developer friction. For example:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>\n<strong>Automate SAST and SCA scans<\/strong> on every pull request or build, with results delivered directly in IDEs or pull request (PR) comments so developers can resolve issues without breaking flow.<\/li>\n\n\n\n<li>\n<strong>Set up dynamic risk scoring<\/strong> to adjust enforcement policies based on business impact, asset sensitivity, and real exploitability. Don\u2019t block every medium-level vulnerability\u2014block the ones that matter most.<\/li>\n\n\n\n<li>\n<strong>Integrate with ticketing systems<\/strong> like Jira to auto-create issues and track SLAs for remediation.<\/li>\n\n\n\n<li>\n<strong>Use alerts strategically<\/strong> through Slack or Teams integrations\u2014no more email overload.<\/li>\n<\/ul>\n\n\n\n<p>Meanwhile, ASPM acts as the glue that holds it all together. Instead of juggling multiple tools with siloed outputs, ASPM unifies your security posture across the SDLC. With Checkmarx One, you can:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Correlate findings across SAST, SCA, secrets detection, Infrastructure-as-Code (IaC), and container scanning<\/li>\n\n\n\n<li>Prioritize vulnerabilities based on runtime context and attack paths<\/li>\n\n\n\n<li>Track metrics like time-to-remediate and unresolved critical issues per repo or team<\/li>\n\n\n\n<li>Create executive dashboards that reflect real risk, not just raw scan volume<\/li>\n<\/ul>\n\n\n\n<p>The result? 
A proactive, risk-aware security program that evolves with your architecture and helps your engineers move faster, with fewer surprises at release time. Take it a step further by setting automated enforcement rules that adapt as your codebase and infrastructure scale, such as tightening scan frequency on critical services or relaxing controls in non-prod environments to keep workflows smooth.<\/p>\n\n\n\n<p>Use ASPM to continuously audit policy compliance across business units, flag drift, and uncover bottlenecks before they impact velocity. And don\u2019t forget developer feedback loops\u2014track which alerts are ignored, which findings are reopened, and where remediation time lags, so you can keep fine-tuning your program to match how your teams really work.<\/p>\n\n\n\n<h2 class=\"wp-block-heading article-anchor\" id=\"article-anchor-5\"><strong>4. Getting Started and Leveling Up With DevSecOps<\/strong><\/h2>\n\n\n\n<p>Whether you&#8217;re starting from scratch or optimizing an existing setup, here\u2019s how to move forward:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>\n<strong>Start with a security assessment<\/strong> of your pipeline to identify where your blind spots and bottlenecks are<\/li>\n\n\n\n<li>\n<strong>Automate where you can<\/strong>, starting with the highest-value opportunities like SAST on pull requests and SCA for critical dependencies<\/li>\n\n\n\n<li>\n<strong>Adopt a maturity mindset<\/strong>\u2014assess your DevSecOps posture regularly using a recognized DevSecOps maturity model and evolve your processes, tools, and policies as your architecture grows<\/li>\n\n\n\n<li>\n<strong>Build feedback loops and measure impact<\/strong>\u2014track remediation velocity, false positive rates, and where developers need more enablement<\/li>\n<\/ul>\n\n\n\n<p>And if you&#8217;re short on in-house security resources or looking to accelerate adoption, consider engaging with a trusted provider for DevSecOps as a service. 
Our approach lets you scale best practices with external expertise while focusing your internal teams on innovation.<\/p>\n\n\n\n<p>There\u2019s no perfect starting point, but there are practical, proven paths forward. Pick one improvement and operationalize it. Then do the next. DevSecOps isn\u2019t a one-time effort\u2014it\u2019s a continuous journey toward building secure software, faster and smarter.<\/p>\n\n\n\n<p>Ready to see how DevSecOps fits into your pipeline?<a href=\"https:\/\/checkmarx.com\/request-a-demo\/?utm_medium=blog&amp;utm_campaign=DevEx2Launchblog&amp;utm_source=blog\"> Request a demo<\/a> and let us show you what\u2019s possible.<\/p>","protected":false},"author":143,"featured_media":102073,"parent":0,"menu_order":0,"template":"","meta":{"_acf_changed":true,"footnotes":""},"learn-cat":[861],"class_list":["post-102071","learn","type-learn","status-publish","has-post-thumbnail","hentry","learn-cat-developers"],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.1.1 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>How to Protect Your Pipeline With DevSecOps<\/title>\n<meta name=\"description\" content=\"Learn how to protect your CI\/CD pipeline with DevSecOps best practices, automation, and ASPM. 
Discover actionable steps to embed security into your workflows without slowing down development.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/checkmarx.com\/learn\/how-to-protect-your-pipeline-with-devsecops\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"How to Protect Your Pipeline With DevSecOps\" \/>\n<meta property=\"og:description\" content=\"Learn how to protect your CI\/CD pipeline with DevSecOps best practices, automation, and ASPM. Discover actionable steps to embed security into your workflows without slowing down development.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/checkmarx.com\/learn\/how-to-protect-your-pipeline-with-devsecops\/\" \/>\n<meta property=\"og:site_name\" content=\"Checkmarx\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/Checkmarx.Source.Code.Analysis\" \/>\n<meta property=\"article:modified_time\" content=\"2025-06-25T20:29:13+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/checkmarx.com\/wp-content\/uploads\/2025\/06\/How-to-Protect-Your-Pipeline-With-DevSecOps.webp\" \/>\n\t<meta property=\"og:image:width\" content=\"2033\" \/>\n\t<meta property=\"og:image:height\" content=\"1097\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/webp\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:site\" content=\"@checkmarx\" \/>\n<meta name=\"twitter:label1\" content=\"Est. 
reading time\" \/>\n\t<meta name=\"twitter:data1\" content=\"8 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/checkmarx.com\/learn\/how-to-protect-your-pipeline-with-devsecops\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/checkmarx.com\/learn\/how-to-protect-your-pipeline-with-devsecops\/\"},\"author\":{\"name\":\"Eran Kinsbruner\",\"@id\":\"https:\/\/checkmarx.com\/#\/schema\/person\/0e5df47a6fb9c1bc0e0b31ef6cfd41fa\"},\"headline\":\"How to Protect Your Pipeline With DevSecOps\",\"datePublished\":\"2025-06-04T15:06:31+00:00\",\"dateModified\":\"2025-06-25T20:29:13+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/checkmarx.com\/learn\/how-to-protect-your-pipeline-with-devsecops\/\"},\"wordCount\":1541,\"publisher\":{\"@id\":\"https:\/\/checkmarx.com\/#organization\"},\"image\":{\"@id\":\"https:\/\/checkmarx.com\/learn\/how-to-protect-your-pipeline-with-devsecops\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/checkmarx.com\/wp-content\/uploads\/2025\/06\/How-to-Protect-Your-Pipeline-With-DevSecOps.webp\",\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/checkmarx.com\/learn\/how-to-protect-your-pipeline-with-devsecops\/\",\"url\":\"https:\/\/checkmarx.com\/learn\/how-to-protect-your-pipeline-with-devsecops\/\",\"name\":\"How to Protect Your Pipeline With DevSecOps\",\"isPartOf\":{\"@id\":\"https:\/\/checkmarx.com\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/checkmarx.com\/learn\/how-to-protect-your-pipeline-with-devsecops\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/checkmarx.com\/learn\/how-to-protect-your-pipeline-with-devsecops\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/checkmarx.com\/wp-content\/uploads\/2025\/06\/How-to-Protect-Your-Pipeline-With-DevSecOps.webp\",\"datePublished\":\"2025-06-04T15:06:31+00:00\",\"dateModified\":\"2025-06-25T20:29:13+00:00\",\"description\":\"Learn how to protect 
your CI\/CD pipeline with DevSecOps best practices, automation, and ASPM. Discover actionable steps to embed security into your workflows without slowing down development.\",\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/checkmarx.com\/learn\/how-to-protect-your-pipeline-with-devsecops\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/checkmarx.com\/learn\/how-to-protect-your-pipeline-with-devsecops\/#primaryimage\",\"url\":\"https:\/\/checkmarx.com\/wp-content\/uploads\/2025\/06\/How-to-Protect-Your-Pipeline-With-DevSecOps.webp\",\"contentUrl\":\"https:\/\/checkmarx.com\/wp-content\/uploads\/2025\/06\/How-to-Protect-Your-Pipeline-With-DevSecOps.webp\",\"width\":2033,\"height\":1097,\"caption\":\"Discover actionable steps to embed security into your workflows without slowing down development.\"},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/checkmarx.com\/#website\",\"url\":\"https:\/\/checkmarx.com\/\",\"name\":\"Checkmarx\",\"description\":\"The world runs on code. 
We secure it.\",\"publisher\":{\"@id\":\"https:\/\/checkmarx.com\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/checkmarx.com\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/checkmarx.com\/#organization\",\"name\":\"Checkmarx\",\"url\":\"https:\/\/checkmarx.com\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/checkmarx.com\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/checkmarx.com\/wp-content\/uploads\/2024\/02\/logo-dark.svg\",\"contentUrl\":\"https:\/\/checkmarx.com\/wp-content\/uploads\/2024\/02\/logo-dark.svg\",\"width\":1,\"height\":1,\"caption\":\"Checkmarx\"},\"image\":{\"@id\":\"https:\/\/checkmarx.com\/#\/schema\/logo\/image\/\"},\"sameAs\":[\"https:\/\/www.facebook.com\/Checkmarx.Source.Code.Analysis\",\"https:\/\/x.com\/checkmarx\",\"https:\/\/www.youtube.com\/user\/CheckmarxResearchLab\",\"https:\/\/www.linkedin.com\/company\/checkmarx\"]},{\"@type\":\"Person\",\"@id\":\"https:\/\/checkmarx.com\/#\/schema\/person\/0e5df47a6fb9c1bc0e0b31ef6cfd41fa\",\"name\":\"Eran Kinsbruner\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/checkmarx.com\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/checkmarx.com\/wp-content\/uploads\/2025\/05\/Eran-Kinsbruner-avatar-150x150.jpg\",\"contentUrl\":\"https:\/\/checkmarx.com\/wp-content\/uploads\/2025\/05\/Eran-Kinsbruner-avatar-150x150.jpg\",\"caption\":\"Eran Kinsbruner\"},\"description\":\"Enterprise Product Marketing Executive. Recognized thought leader, board advisor to stealth companies, researcher, inventor, and best-selling author of four books. 
Expertise in B2B SAAS, AI, observability, DevOps, and software quality.\",\"url\":\"https:\/\/checkmarx.com\/author\/erankinsbruner\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"How to Protect Your Pipeline With DevSecOps","description":"Learn how to protect your CI\/CD pipeline with DevSecOps best practices, automation, and ASPM. Discover actionable steps to embed security into your workflows without slowing down development.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/checkmarx.com\/learn\/how-to-protect-your-pipeline-with-devsecops\/","og_locale":"en_US","og_type":"article","og_title":"How to Protect Your Pipeline With DevSecOps","og_description":"Learn how to protect your CI\/CD pipeline with DevSecOps best practices, automation, and ASPM. Discover actionable steps to embed security into your workflows without slowing down development.","og_url":"https:\/\/checkmarx.com\/learn\/how-to-protect-your-pipeline-with-devsecops\/","og_site_name":"Checkmarx","article_publisher":"https:\/\/www.facebook.com\/Checkmarx.Source.Code.Analysis","article_modified_time":"2025-06-25T20:29:13+00:00","og_image":[{"width":2033,"height":1097,"url":"https:\/\/checkmarx.com\/wp-content\/uploads\/2025\/06\/How-to-Protect-Your-Pipeline-With-DevSecOps.webp","type":"image\/webp"}],"twitter_card":"summary_large_image","twitter_site":"@checkmarx","twitter_misc":{"Est. 
reading time":"8 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/checkmarx.com\/learn\/how-to-protect-your-pipeline-with-devsecops\/#article","isPartOf":{"@id":"https:\/\/checkmarx.com\/learn\/how-to-protect-your-pipeline-with-devsecops\/"},"author":{"name":"Eran Kinsbruner","@id":"https:\/\/checkmarx.com\/#\/schema\/person\/0e5df47a6fb9c1bc0e0b31ef6cfd41fa"},"headline":"How to Protect Your Pipeline With DevSecOps","datePublished":"2025-06-04T15:06:31+00:00","dateModified":"2025-06-25T20:29:13+00:00","mainEntityOfPage":{"@id":"https:\/\/checkmarx.com\/learn\/how-to-protect-your-pipeline-with-devsecops\/"},"wordCount":1541,"publisher":{"@id":"https:\/\/checkmarx.com\/#organization"},"image":{"@id":"https:\/\/checkmarx.com\/learn\/how-to-protect-your-pipeline-with-devsecops\/#primaryimage"},"thumbnailUrl":"https:\/\/checkmarx.com\/wp-content\/uploads\/2025\/06\/How-to-Protect-Your-Pipeline-With-DevSecOps.webp","inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/checkmarx.com\/learn\/how-to-protect-your-pipeline-with-devsecops\/","url":"https:\/\/checkmarx.com\/learn\/how-to-protect-your-pipeline-with-devsecops\/","name":"How to Protect Your Pipeline With DevSecOps","isPartOf":{"@id":"https:\/\/checkmarx.com\/#website"},"primaryImageOfPage":{"@id":"https:\/\/checkmarx.com\/learn\/how-to-protect-your-pipeline-with-devsecops\/#primaryimage"},"image":{"@id":"https:\/\/checkmarx.com\/learn\/how-to-protect-your-pipeline-with-devsecops\/#primaryimage"},"thumbnailUrl":"https:\/\/checkmarx.com\/wp-content\/uploads\/2025\/06\/How-to-Protect-Your-Pipeline-With-DevSecOps.webp","datePublished":"2025-06-04T15:06:31+00:00","dateModified":"2025-06-25T20:29:13+00:00","description":"Learn how to protect your CI\/CD pipeline with DevSecOps best practices, automation, and ASPM. 
Discover actionable steps to embed security into your workflows without slowing down development.","inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/checkmarx.com\/learn\/how-to-protect-your-pipeline-with-devsecops\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/checkmarx.com\/learn\/how-to-protect-your-pipeline-with-devsecops\/#primaryimage","url":"https:\/\/checkmarx.com\/wp-content\/uploads\/2025\/06\/How-to-Protect-Your-Pipeline-With-DevSecOps.webp","contentUrl":"https:\/\/checkmarx.com\/wp-content\/uploads\/2025\/06\/How-to-Protect-Your-Pipeline-With-DevSecOps.webp","width":2033,"height":1097,"caption":"Discover actionable steps to embed security into your workflows without slowing down development."},{"@type":"WebSite","@id":"https:\/\/checkmarx.com\/#website","url":"https:\/\/checkmarx.com\/","name":"Checkmarx","description":"The world runs on code. We secure it.","publisher":{"@id":"https:\/\/checkmarx.com\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/checkmarx.com\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/checkmarx.com\/#organization","name":"Checkmarx","url":"https:\/\/checkmarx.com\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/checkmarx.com\/#\/schema\/logo\/image\/","url":"https:\/\/checkmarx.com\/wp-content\/uploads\/2024\/02\/logo-dark.svg","contentUrl":"https:\/\/checkmarx.com\/wp-content\/uploads\/2024\/02\/logo-dark.svg","width":1,"height":1,"caption":"Checkmarx"},"image":{"@id":"https:\/\/checkmarx.com\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.facebook.com\/Checkmarx.Source.Code.Analysis","https:\/\/x.com\/checkmarx","https:\/\/www.youtube.com\/user\/CheckmarxResearchLab","https:\/\/www.linkedin.com\/company\/checkmarx"]},{"@type":"Person
","@id":"https:\/\/checkmarx.com\/#\/schema\/person\/0e5df47a6fb9c1bc0e0b31ef6cfd41fa","name":"Eran Kinsbruner","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/checkmarx.com\/#\/schema\/person\/image\/","url":"https:\/\/checkmarx.com\/wp-content\/uploads\/2025\/05\/Eran-Kinsbruner-avatar-150x150.jpg","contentUrl":"https:\/\/checkmarx.com\/wp-content\/uploads\/2025\/05\/Eran-Kinsbruner-avatar-150x150.jpg","caption":"Eran Kinsbruner"},"description":"Enterprise Product Marketing Executive. Recognized thought leader, board advisor to stealth companies, researcher, inventor, and best-selling author of four books. Expertise in B2B SAAS, AI, observability, DevOps, and software quality.","url":"https:\/\/checkmarx.com\/author\/erankinsbruner\/"}]}},"_links":{"self":[{"href":"https:\/\/checkmarx.com\/wp-json\/wp\/v2\/learn\/102071","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/checkmarx.com\/wp-json\/wp\/v2\/learn"}],"about":[{"href":"https:\/\/checkmarx.com\/wp-json\/wp\/v2\/types\/learn"}],"author":[{"embeddable":true,"href":"https:\/\/checkmarx.com\/wp-json\/wp\/v2\/users\/143"}],"version-history":[{"count":0,"href":"https:\/\/checkmarx.com\/wp-json\/wp\/v2\/learn\/102071\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/checkmarx.com\/wp-json\/wp\/v2\/media\/102073"}],"wp:attachment":[{"href":"https:\/\/checkmarx.com\/wp-json\/wp\/v2\/media?parent=102071"}],"wp:term":[{"taxonomy":"learn-cat","embeddable":true,"href":"https:\/\/checkmarx.com\/wp-json\/wp\/v2\/learn-cat?post=102071"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}