security ci/cd devops
GitOops! Attacking and defending CI/CD pipelines.
Posted on .As part of our ongoing quest to improve the status quo of CI/CD security, we present GitOops: a tool to map CI/CD attack paths in a GitHub organization.…
Our journey navigating the techosphere
As part of our ongoing quest to improve the status quo of CI/CD security, we present GitOops: a tool to map CI/CD attack paths in a GitHub organization.…
How we developed Domain Protect, an open source tool for automated scanning of cloud infrastructure for subdomains vulnerable to takeover.…
By Chongyang Shi, Alex Kaskasoli, Ignacio Dominguez, and Emily Young Following our culture of Technical Autonomy, teams building the Kaluza Energy Platform at OVO choose the cloud platforms and services best suited for them. Most components of the Kaluza platf…
We created a model for automatically delivering infrastructure changes with robust security practices, and used it to build a secure Terraform CI/CD solution for AWS at OVO.…
Here at OVO we make use of managed services that allow us to run less software ourselves, and play pivotal roles in achieving CI/CD; services which are firmly placed on our Paved Road. Two of the most prevalent managed services we use are GitHub and CircleCI.…
At OVO Energy we take cyber-security very seriously. We are keen to ensure that all of our services and infrastructure are set up to be as resistant as possible to attack. One area we’ve recently decided to improve in is the area of security for Docker conta…