News and Tech Update

In the wake of the massive Shai-Hulud supply chain attack that ripped through npm late last year and compromised more than 700 packages and exposed 25,000 repositories, developers in the JavaScript world embraced a two-part defense strategy. The widely adopted playbook called for disabling lifecycle scripts and using lockfiles. “It became the standard advice everywhere […] from DevOps.com https://ift.tt/pqkAdte

An analysis published today by Opsera, a provider of a DevOps platform, finds that while adoption of artificial intelligence (AI) coding tools has increased developer productivity they also create more duplicate code, resulting in 15 to 18% more security vulnerabilities per line of code compared to code created by a human developer. Overall, the Opsera […] from DevOps.com https://ift.tt/euW5UkV

As AI takes on decision-making roles inside CI/CD pipelines, DevOps teams face a new challenge: Accountability. This article explores why responsible AI governance is now a core DevOps responsibility and a leadership imperative. from DevOps.com https://ift.tt/MgVRsia

Software supply chain security is steadily moving to the forefront of cybersecurity conversations. In the past, it has been overshadowed by a focus on malware outbreaks, ransomware, endpoint protection, and application vulnerabilities. That changed this month, when OWASP elevated software supply chain failures to third place on its 2025 Top 10 list. The OWASP Top […] from DevOps.com https://ift.tt/C5dnPlX

Apiiro launches Guardian Agent, an AI security agent that rewrites prompts in real time to prevent insecure code from ever being generated, reducing vulnerabilities without slowing developers. from DevOps.com https://ift.tt/MlmNHqI

Anthropic pulls security into the inner dev loop with new Claude Code tools that scan for vulnerabilities in the terminal and on every pull request—before insecure code ever ships. from DevOps.com https://ift.tt/7jzIkvh

As organizations face rising VMware costs and tighter renewal timelines, migrating to AWS has become both urgent and complex. This article explores how an observability-first approach—spanning pre-migration planning, real-time execution, and post-migration optimization—helps IT leaders reduce risk, control costs, and ensure successful cloud migrations. from DevOps.com https://ift.tt/guUpYxK

AI agents aren’t chatbots—they’re systems that act. This guide cuts through the hype to show how DevOps teams can configure, trust, and run AI agents reliably in production. from DevOps.com https://ift.tt/aSbfDNu

Just because AI is writing your code doesn’t mean you can stop worrying about software bills of materials. While the quality of AI coding remains open to debate, there’s no question that everyone and their dog is using it.  That means, if you’re serious about using AI in production, you must track its code in […] from DevOps.com https://ift.tt/VEtfLao

This week, DevOps.com spotlights open roles at NVIDIA, Travelers, Tessera Labs, Sherwin-Williams, and ThinKom Solutions to help engineers advance their careers. from DevOps.com https://ift.tt/26NwvyP

A global survey of 628 enterprise IT leaders conducted by the Futurum Group finds that increasing investment in generative artificial intelligence (AI) (40%), followed closely by AI and machine learning (ML) technologies (39%) and applying AI to IT operations (37%), also known as AIOps, are expected to be the top three drivers for accelerating software […] from DevOps.com https://ift.tt/X6m1exC

SmartBear vice president of AI and architecture Fitz Nowlan explains why maintaining software integrity in the age of artificial intelligence requires organizations to double down on testing and quality assurance. He discusses how AI-driven development increases risk and why stronger QA practices are essential for reliable software delivery. Nowlan argues that AI-driven development increases risk […] from DevOps.com https://ift.tt/FV6NRbl

A reflective take from Alan on why DevOps endures, adapts, and remains a human-centered practice in an era of platforms and AI. from DevOps.com https://ift.tt/o61Shv4

Global availability hides real failures. Learn why bucketed SLIs give a truer picture of reliability—and how SRE teams can align alerts with real business impact. from DevOps.com https://ift.tt/snf8iTS

AWS Sage is an open-source MCP server that gives AI assistants unified, intelligent access to AWS with cross-service discovery, dependency mapping, impact analysis, and automated incident investigation. from DevOps.com https://ift.tt/vcTIxKm

Testlio enhances its testing platform with AI-generated dashboards that correlate over 100 signals, helping DevOps and business leaders spot quality, risk, and AI-related issues faster. from DevOps.com https://ift.tt/sqCp4ZM

Atlanta, GA, United States, 20th January 2026, CyberNewsWire from DevOps.com https://ift.tt/pLkuIgC

Alisa Viejo, United States, 20th January 2026, CyberNewsWire from DevOps.com https://ift.tt/ZUrOTab

Transform your middleware into a resilient powerhouse with automation, consistent configuration, and progressive delivery. Discover how to reduce downtime and increase stability across Apache, Tomcat, WLS, and more. from DevOps.com https://ift.tt/YOZMtzT

Discover top DevOps job opportunities this week from JP Morgan Chase, SpaceX, BBR Partners, Fox Corp, and Veeva Systems, designed to help professionals advance their careers. from DevOps.com https://ift.tt/2xPJYRG

In 2026, cloud cost overruns stop being finance’s problem and become an engineering responsibility. Here’s how treating cost as code finally makes FinOps work. from DevOps.com https://ift.tt/SUzJPbV

GitLab today made generally available an agentic artificial intelligence (AI) platform that automates software engineering tasks ranging from planning to application security. Coinciding with the release of version 18.8 of the core GitLab platform, the GitLab Duo Agent Platform initially provides access to seven AI agents that DevOps teams can assign a range of tasks […] from DevOps.com https://ift.tt/KeQsSi8

When we first launched DevOps.com, the goal was never just to report on tools or trends. It was to elevate the people, ideas, and communities shaping how software is built and delivered. The DevOps Dozen Awards exist for that exact reason. Each year, these awards recognize individuals, teams, technologies, and community efforts that move DevOps […] from DevOps.com https://ift.tt/nIkGbJT

Jonathan Rende, chief product officer at Checkmarx, tackle’s one of the most urgent questions in AppSec right now: what happens when AI starts writing the majority of your software? With estimates that as much as 60% of code is being generated by AI in some environments—and that AI-authored code is already finding its way into […] from DevOps.com https://ift.tt/moqi8Ls

Learn how AWS Bedrock, retrieval-augmented generation (RAG), and ChatOps in Microsoft Teams transform incident response by turning fragmented runbooks into a GenAI-powered assistant that reduces MTTR and improves SRE efficiency. from DevOps.com https://ift.tt/rbRA2uK

Let’s get the obvious out of the way right up front. AI isn’t a person. Thank you, Captain Obvious. We’re all on the same page. And yet, when we announced that AI is Techstrong’s “Person of the Year” for our Predict 2026 virtual event on January 15, a few folks felt compelled to remind us […] from DevOps.com https://ift.tt/JytGsTW