IT Brief Ireland - Technology news for CIOs & IT decision-makers
Ireland
Irish Edition · 2026

The Ultimate Guide to DevSecOps

A curated Irish edition of TechDay news, analysis, interviews, reviews, job moves, and related resources for DevSecOps.

What to know about DevSecOps

DevSecOps represents the integration of security practices within the DevOps process, aiming to build security into every phase of software development and delivery. This approach helps organisations accelerate development cycles while maintaining strong security and compliance standards.

Exploring recent stories tagged with DevSecOps reveals a dynamic field where AI-driven tools, cloud-native security, and collaboration between development, security, and operations teams are shaping the future of secure software delivery. Topics such as risk management, container and API security, supply chain protection, and the rising importance of observability and automation are frequently discussed.

For readers interested in how organisations are addressing evolving cybersecurity threats while enhancing agility and innovation, the DevSecOps tag offers insights into technology advancements, cultural shifts, and best practices that help teams deliver resilient, secure software faster. Whether you are a developer, security professional, or IT leader, following DevSecOps stories provides valuable perspectives on securing modern software development in an increasingly complex digital landscape.

Analyst Insights

Research and market analysis connected to DevSecOps

Expert Columns

Interviews

Interviews and video coverage from the network

Recent DevSecOps News

FIS joins Anthropic cyber security project with Mythos 5
Supply Chain

FIS joins Anthropic cyber security project with Mythos 5

For thousands of banks and payments firms, the trial could help spot software flaws before they disrupt critical financial systems.

Today

Google Cloud issues guardrails for AI vulnerability agents
Threat intelligence

Google Cloud issues guardrails for AI vulnerability agents

Security teams are being warned to keep humans and strict controls in place as AI agents can miss context and leak sensitive code.

Yesterday

Google Cloud unveils AI security blueprint for GKE
Managed Services

Google Cloud unveils AI security blueprint for GKE

The framework targets CISOs and platform teams as they move AI systems into production, amid rising risks from prompts, models and outputs.

Yesterday

Google Cloud sets out AI security plan with Gemini & Wiz
Threat intelligence

Google Cloud sets out AI security plan with Gemini & Wiz

Defenders could gain a faster edge against AI-driven attacks as Google Cloud ties Gemini, Wiz, CodeMender and Mandiant into one platform.

Yesterday

GitLab 19.2 adds AI tools for security & workflows
Identity and Access Management

GitLab 19.2 adds AI tools for security & workflows

The update aims to cut review bottlenecks by auto-fixing vulnerable dependencies and surfacing code flaws scanners often miss.

Yesterday

CleanStart launches Clean Libraries to secure AI code
Chief Technology Officers

CleanStart launches Clean Libraries to secure AI code

Developers face earlier checks on risky open-source dependencies as AI coding tools speed up software assembly and raise supply chain concerns.

Yesterday

Cloudflare uses eBPF to boost edge security & routing
Network Infrastructure

Cloudflare uses eBPF to boost edge security & routing

The shift has helped the network operator block massive attacks in seconds while reducing reliance on custom kernel patches and specialist hardware.

Yesterday

Targeted open source malware attacks on developers soar
Threat intelligence

Targeted open source malware attacks on developers soar

Malicious package advisories jumped from 21 in 2023 to 1,576 in 2025, as attackers increasingly target developers before code reaches production.

2 days ago

AI coding models make working code, not secure code
IT Department

AI coding models make working code, not secure code

Working output from the latest AI coding tools was secure barely a third of the time, exposing a widening risk for software teams.

2 days ago

Mandiant warns on exposed Cloud Run serverless apps
Identity and Access Management

Mandiant warns on exposed Cloud Run serverless apps

Exposed serverless apps can let attackers steal tokens, read secrets and take over cloud projects if weak code is left unpatched.

2 days ago

Tenable adds app security data to exposure platform
Identity and Access Management

Tenable adds app security data to exposure platform

Security teams can now rank code flaws against cloud and identity risks after Tenable folded application security data into its exposure platform.

3 days ago

Checkmarx launches autonomous agents to fix code flaws
AI Security

Checkmarx launches autonomous agents to fix code flaws

As AI coding speeds up, Checkmarx says its new agents can cut manual vulnerability fixes by up to 70% before code is committed.

3 days ago

Most AI cloud vulnerabilities remain unpatched, Orca says
Digital Transformation

Most AI cloud vulnerabilities remain unpatched, Orca says

Most fixable flaws in live AI cloud systems are still exposed, with Orca finding 99.9% remain unpatched across major platforms.

Last week

BeyondTrust launches NHI governance for machine identities
Enterprise security

BeyondTrust launches NHI governance for machine identities

Security teams can now tighten oversight of service accounts, API keys and AI agents as machine identities outnumber staff in many enterprises.

Last week

NCC Group maps security gaps across AI coding agents
Patching

NCC Group maps security gaps across AI coding agents

Weak default safeguards and uneven sandboxing could leave developers exposed to command execution before workspace trust is granted.

Last week

IBM & Red Hat launch Lightwell for open source fixes
Risk & Compliance

IBM & Red Hat launch Lightwell for open source fixes

Enterprises can now patch older open source software without disruptive upgrades, as IBM and Red Hat target stubborn vulnerability backlogs.

Last week

XBOW wins AWS application security competency status
Public Cloud

XBOW wins AWS application security competency status

The AWS badge could help XBOW win more enterprise deals as buyers seek continuous testing that shows which vulnerabilities are exploitable.

Last week

AI speeds coding but not enterprise software delivery
Productivity

AI speeds coding but not enterprise software delivery

Enterprises risk slower returns from AI as manual approvals and release bottlenecks keep software lead times stuck at 30 to 45 days.

Last week

DigiCert launches Quantum Central for post-quantum readiness
Security Operations Centres

DigiCert launches Quantum Central for post-quantum readiness

Security teams gain a free way to map hidden cryptography before quantum threats make current encryption less reliable.

Last week

Endava & Wiz partner on AI cloud security services
Managed Services

Endava & Wiz partner on AI cloud security services

Enterprise AI roll-outs will get closer monitoring as Endava adds Wiz tools to spot cloud risks earlier across multi-cloud systems.

This month