Secure delivery. Better defaults.
Practical DevSecOps resources for modern teams
A curated home for secure software delivery, cloud security, supply chain safety, Kubernetes hardening, and trusted references engineers actually use.
Curated resources
High-signal links by topic
CI/CD and Code Security
Containers and Kubernetes
Cloud and Infrastructure
Supply Chain Security
Observability and Response
Common workflows
Fast paths for typical DevSecOps tasks
Secure CI pipelines
Dependency scanning
Container image scanning
Secret detection
Policy as code
IaC security review
Artifact signing
Runtime monitoring
Starter checklist
Simple security baseline for teams
- Enable secret scanning in source control
- Add SAST and dependency scanning to CI
- Use least privilege for cloud and pipeline access
- Review infrastructure as code before deployment
- Scan container images during build
- Sign artifacts and verify provenance
- Monitor runtime activity and alert on anomalies
About
Built as a lightweight resource hub
DevSecOps.dk is designed to stay fast, accessible, and practical. It focuses on high-quality references and a clean user experience for people working across development, security, and platform engineering.