{"id":1476,"date":"2025-03-17T07:52:40","date_gmt":"2025-03-17T07:52:40","guid":{"rendered":"https:\/\/sec-it.co.il\/?p=1476"},"modified":"2025-07-23T05:15:41","modified_gmt":"2025-07-23T05:15:41","slug":"devsecops-%d7%95%d7%90%d7%91%d7%98%d7%97%d7%aa-%d7%a9%d7%a8%d7%a9%d7%a8%d7%aa-%d7%94%d7%90%d7%a1%d7%a4%d7%a7%d7%94-%d7%90%d7%99%d7%9a-%d7%9c%d7%91%d7%a0%d7%95%d7%aa-%d7%aa%d7%95%d7%9b%d7%a0","status":"publish","type":"post","link":"https:\/\/sec-it.co.il\/en\/devsecops-%d7%95%d7%90%d7%91%d7%98%d7%97%d7%aa-%d7%a9%d7%a8%d7%a9%d7%a8%d7%aa-%d7%94%d7%90%d7%a1%d7%a4%d7%a7%d7%94-%d7%90%d7%99%d7%9a-%d7%9c%d7%91%d7%a0%d7%95%d7%aa-%d7%aa%d7%95%d7%9b%d7%a0\/","title":{"rendered":"DevSecOps and Supply Chain Security \u2013 Building Secure Software from the Ground Up"},"content":{"rendered":"<div data-elementor-type=\"wp-post\" data-elementor-id=\"1476\" class=\"elementor elementor-1476\" data-elementor-post-type=\"post\">\n\t\t\t\t<div class=\"elementor-element elementor-element-1990e39 e-flex e-con-boxed wpr-particle-no wpr-jarallax-no wpr-parallax-no wpr-sticky-section-no e-con e-parent\" data-id=\"1990e39\" data-element_type=\"container\">\n\t\t\t\t\t<div class=\"e-con-inner\">\n\t\t\t\t<div class=\"elementor-element elementor-element-bd5029a elementor-widget elementor-widget-text-editor\" data-id=\"bd5029a\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\tDevSecOps and Supply Chain Security \u2013 How to Build Secure Software from the Ground Up?\n\n\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-f7b6e9e elementor-widget elementor-widget-heading\" data-id=\"f7b6e9e\" data-element_type=\"widget\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<h4 class=\"elementor-heading-title elementor-size-default\">Introduction\n\n<\/h4>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-442edd9 elementor-widget elementor-widget-text-editor\" data-id=\"442edd9\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\tIn today's digital age,\u00a0<strong>Fast and efficient software development<\/strong>\u00a0is a critical requirement for any technology organization. However,\u00a0<strong>Advanced cyber threats, supply chain attacks and data breaches<\/strong>\u00a0require a new approach to<strong>Code security and development projects<\/strong>. \t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-4f18685 elementor-widget elementor-widget-text-editor\" data-id=\"4f18685\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<strong>DevSecOps<\/strong>\u00a0\u00a0It is a combination of\u00a0<strong>Development<\/strong><strong>\u00a0(Dev),\u00a0<\/strong><strong>securing<\/strong><strong>\u00a0(Sec)\u00a0<\/strong><strong>and operation<\/strong><strong>\u00a0(Ops)<\/strong>, whose purpose is\u00a0<strong>Implement information security in the early stages of development<\/strong>, instead of addressing vulnerabilities only at later stages. \t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-aead6b2 elementor-widget elementor-widget-heading\" data-id=\"aead6b2\" data-element_type=\"widget\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<h4 class=\"elementor-heading-title elementor-size-default\">How can organizations build secure software from the initial code stage and prevent critical security risks?\n<\/h4>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-440d445 elementor-widget elementor-widget-text-editor\" data-id=\"440d445\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\tThis article reviews the\u00a0<strong>Principles<\/strong><strong>\u00a0DevSecOps,\u00a0<\/strong><strong>The importance of supply chain security in the development process, and the steps for properly implementing security throughout the software lifecycle<\/strong><strong>\u00a0(SDLC \u2013 Software Development Lifecycle)<\/strong>. \t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-95e92fd elementor-widget elementor-widget-heading\" data-id=\"95e92fd\" data-element_type=\"widget\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<h4 class=\"elementor-heading-title elementor-size-default\">What is DevSecOps and why is it essential?\n<\/h4>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-b50ca97 elementor-widget elementor-widget-text-editor\" data-id=\"b50ca97\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\tDevSecOps is a development methodology where security is not seen as a separate barrier or step, but as an integral part of the entire process. Unlike traditional methods, where security is only added at the end of development, DevSecOps integrates security testing, access controls, and automated scanning tools throughout all stages of the SDLC.\n\n\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-2fc2045 elementor-widget elementor-widget-heading\" data-id=\"2fc2045\" data-element_type=\"widget\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<h4 class=\"elementor-heading-title elementor-size-default\">Key benefits of DevSecOps:\n<\/h4>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-d15dca4 elementor-icon-list--layout-traditional elementor-list-item-link-full_width elementor-widget elementor-widget-icon-list\" data-id=\"d15dca4\" data-element_type=\"widget\" data-widget_type=\"icon-list.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<ul class=\"elementor-icon-list-items\">\n\t\t\t\t\t\t\t<li class=\"elementor-icon-list-item\">\n\t\t\t\t\t\t\t\t\t\t\t<span class=\"elementor-icon-list-icon\">\n\t\t\t\t\t\t\t<svg aria-hidden=\"true\" class=\"e-font-icon-svg e-fas-circle\" viewbox=\"0 0 512 512\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\"><path d=\"M256 8C119 8 8 119 8 256s111 248 248 248 248-111 248-248S393 8 256 8z\"><\/path><\/svg>\t\t\t\t\t\t<\/span>\n\t\t\t\t\t\t\t\t\t\t<span class=\"elementor-icon-list-text\">Early detection of vulnerabilities \u2013 saves time and costs in late security patches.<\/span>\n\t\t\t\t\t\t\t\t\t<\/li>\n\t\t\t\t\t\t\t\t<li class=\"elementor-icon-list-item\">\n\t\t\t\t\t\t\t\t\t\t\t<span class=\"elementor-icon-list-icon\">\n\t\t\t\t\t\t\t<svg aria-hidden=\"true\" class=\"e-font-icon-svg e-fas-circle\" viewbox=\"0 0 512 512\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\"><path d=\"M256 8C119 8 8 119 8 256s111 248 248 248 248-111 248-248S393 8 256 8z\"><\/path><\/svg>\t\t\t\t\t\t<\/span>\n\t\t\t\t\t\t\t\t\t\t<span class=\"elementor-icon-list-text\">Integrating automated security tools \u2013 adding static (SAST) and dynamic (DAST) code testing as part of the development pipeline.<\/span>\n\t\t\t\t\t\t\t\t\t<\/li>\n\t\t\t\t\t\t\t\t<li class=\"elementor-icon-list-item\">\n\t\t\t\t\t\t\t\t\t\t\t<span class=\"elementor-icon-list-icon\">\n\t\t\t\t\t\t\t<svg aria-hidden=\"true\" class=\"e-font-icon-svg e-fas-circle\" viewbox=\"0 0 512 512\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\"><path d=\"M256 8C119 8 8 119 8 256s111 248 248 248 248-111 248-248S393 8 256 8z\"><\/path><\/svg>\t\t\t\t\t\t<\/span>\n\t\t\t\t\t\t\t\t\t\t<span class=\"elementor-icon-list-text\">Compliance with regulatory requirements \u2013 compliance with standards such as ISO 27001, NIST, SOC 2, and GDPR.<\/span>\n\t\t\t\t\t\t\t\t\t<\/li>\n\t\t\t\t\t\t\t\t<li class=\"elementor-icon-list-item\">\n\t\t\t\t\t\t\t\t\t\t\t<span class=\"elementor-icon-list-icon\">\n\t\t\t\t\t\t\t<svg aria-hidden=\"true\" class=\"e-font-icon-svg e-fas-circle\" viewbox=\"0 0 512 512\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\"><path d=\"M256 8C119 8 8 119 8 256s111 248 248 248 248-111 248-248S393 8 256 8z\"><\/path><\/svg>\t\t\t\t\t\t<\/span>\n\t\t\t\t\t\t\t\t\t\t<span class=\"elementor-icon-list-text\">Preventing supply chain attacks \u2013 protecting third-party dependencies, open source libraries, and containers.<\/span>\n\t\t\t\t\t\t\t\t\t<\/li>\n\t\t\t\t\t\t\t\t<li class=\"elementor-icon-list-item\">\n\t\t\t\t\t\t\t\t\t\t\t<span class=\"elementor-icon-list-icon\">\n\t\t\t\t\t\t\t<svg aria-hidden=\"true\" class=\"e-font-icon-svg e-fas-circle\" viewbox=\"0 0 512 512\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\"><path d=\"M256 8C119 8 8 119 8 256s111 248 248 248 248-111 248-248S393 8 256 8z\"><\/path><\/svg>\t\t\t\t\t\t<\/span>\n\t\t\t\t\t\t\t\t\t\t<span class=\"elementor-icon-list-text\">Improving collaboration \u2013 aligning developers, security personnel, and operations teams.<\/span>\n\t\t\t\t\t\t\t\t\t<\/li>\n\t\t\t\t\t\t<\/ul>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-5ddbb17 elementor-widget elementor-widget-heading\" data-id=\"5ddbb17\" data-element_type=\"widget\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<h4 class=\"elementor-heading-title elementor-size-default\">What are the main threats to the software supply chain?\n<\/h4>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-893bd3e elementor-widget elementor-widget-text-editor\" data-id=\"893bd3e\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\tThe software supply chain consists of a variety of internal and external components, with any weak point being an entry point for attackers into the system.\n\n\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-dc6305a elementor-widget elementor-widget-text-editor\" data-id=\"dc6305a\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<strong>Common threats in the supply chain:<\/strong> \t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-67525d8 elementor-icon-list--layout-traditional elementor-list-item-link-full_width elementor-widget elementor-widget-icon-list\" data-id=\"67525d8\" data-element_type=\"widget\" data-widget_type=\"icon-list.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<ul class=\"elementor-icon-list-items\">\n\t\t\t\t\t\t\t<li class=\"elementor-icon-list-item\">\n\t\t\t\t\t\t\t\t\t\t\t<span class=\"elementor-icon-list-icon\">\n\t\t\t\t\t\t\t<svg aria-hidden=\"true\" class=\"e-font-icon-svg e-fas-circle\" viewbox=\"0 0 512 512\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\"><path d=\"M256 8C119 8 8 119 8 256s111 248 248 248 248-111 248-248S393 8 256 8z\"><\/path><\/svg>\t\t\t\t\t\t<\/span>\n\t\t\t\t\t\t\t\t\t\t<span class=\"elementor-icon-list-text\">Open Source Vulnerabilities \u2013 Using dependencies with known security vulnerabilities.<\/span>\n\t\t\t\t\t\t\t\t\t<\/li>\n\t\t\t\t\t\t\t\t<li class=\"elementor-icon-list-item\">\n\t\t\t\t\t\t\t\t\t\t\t<span class=\"elementor-icon-list-icon\">\n\t\t\t\t\t\t\t<svg aria-hidden=\"true\" class=\"e-font-icon-svg e-fas-circle\" viewbox=\"0 0 512 512\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\"><path d=\"M256 8C119 8 8 119 8 256s111 248 248 248 248-111 248-248S393 8 256 8z\"><\/path><\/svg>\t\t\t\t\t\t<\/span>\n\t\t\t\t\t\t\t\t\t\t<span class=\"elementor-icon-list-text\">Repo Hijacking \u2013 Hijacking repositories and inserting malicious code.<\/span>\n\t\t\t\t\t\t\t\t\t<\/li>\n\t\t\t\t\t\t\t\t<li class=\"elementor-icon-list-item\">\n\t\t\t\t\t\t\t\t\t\t\t<span class=\"elementor-icon-list-icon\">\n\t\t\t\t\t\t\t<svg aria-hidden=\"true\" class=\"e-font-icon-svg e-fas-circle\" viewbox=\"0 0 512 512\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\"><path d=\"M256 8C119 8 8 119 8 256s111 248 248 248 248-111 248-248S393 8 256 8z\"><\/path><\/svg>\t\t\t\t\t\t<\/span>\n\t\t\t\t\t\t\t\t\t\t<span class=\"elementor-icon-list-text\">Weaknesses in containers and Docker images \u2013 using packages with outdated components.<\/span>\n\t\t\t\t\t\t\t\t\t<\/li>\n\t\t\t\t\t\t\t\t<li class=\"elementor-icon-list-item\">\n\t\t\t\t\t\t\t\t\t\t\t<span class=\"elementor-icon-list-icon\">\n\t\t\t\t\t\t\t<svg aria-hidden=\"true\" class=\"e-font-icon-svg e-fas-circle\" viewbox=\"0 0 512 512\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\"><path d=\"M256 8C119 8 8 119 8 256s111 248 248 248 248-111 248-248S393 8 256 8z\"><\/path><\/svg>\t\t\t\t\t\t<\/span>\n\t\t\t\t\t\t\t\t\t\t<span class=\"elementor-icon-list-text\">Insecure permissions in CI\/CD \u2013 incorrect use of API keys and access passwords.<\/span>\n\t\t\t\t\t\t\t\t\t<\/li>\n\t\t\t\t\t\t\t\t<li class=\"elementor-icon-list-item\">\n\t\t\t\t\t\t\t\t\t\t\t<span class=\"elementor-icon-list-icon\">\n\t\t\t\t\t\t\t<svg aria-hidden=\"true\" class=\"e-font-icon-svg e-fas-circle\" viewbox=\"0 0 512 512\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\"><path d=\"M256 8C119 8 8 119 8 256s111 248 248 248 248-111 248-248S393 8 256 8z\"><\/path><\/svg>\t\t\t\t\t\t<\/span>\n\t\t\t\t\t\t\t\t\t\t<span class=\"elementor-icon-list-text\">Social Engineering for Developers \u2013 Hacking into GitHub and GitLab accounts.<\/span>\n\t\t\t\t\t\t\t\t\t<\/li>\n\t\t\t\t\t\t<\/ul>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-285e61c elementor-widget elementor-widget-heading\" data-id=\"285e61c\" data-element_type=\"widget\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<h4 class=\"elementor-heading-title elementor-size-default\">How to implement DevSecOps and supply chain security in practice?\n<\/h4>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-5114264 elementor-widget elementor-widget-text-editor\" data-id=\"5114264\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<strong>Code security and security testing automation<\/strong> \t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-3ce6c8c elementor-icon-list--layout-traditional elementor-list-item-link-full_width elementor-widget elementor-widget-icon-list\" data-id=\"3ce6c8c\" data-element_type=\"widget\" data-widget_type=\"icon-list.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<ul class=\"elementor-icon-list-items\">\n\t\t\t\t\t\t\t<li class=\"elementor-icon-list-item\">\n\t\t\t\t\t\t\t\t\t\t\t<span class=\"elementor-icon-list-icon\">\n\t\t\t\t\t\t\t<svg aria-hidden=\"true\" class=\"e-font-icon-svg e-fas-circle\" viewbox=\"0 0 512 512\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\"><path d=\"M256 8C119 8 8 119 8 256s111 248 248 248 248-111 248-248S393 8 256 8z\"><\/path><\/svg>\t\t\t\t\t\t<\/span>\n\t\t\t\t\t\t\t\t\t\t<span class=\"elementor-icon-list-text\">Using SAST and DAST tools \u2013 integrating static and dynamic code testing during the development stages.<\/span>\n\t\t\t\t\t\t\t\t\t<\/li>\n\t\t\t\t\t\t\t\t<li class=\"elementor-icon-list-item\">\n\t\t\t\t\t\t\t\t\t\t\t<span class=\"elementor-icon-list-icon\">\n\t\t\t\t\t\t\t<svg aria-hidden=\"true\" class=\"e-font-icon-svg e-fas-circle\" viewbox=\"0 0 512 512\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\"><path d=\"M256 8C119 8 8 119 8 256s111 248 248 248 248-111 248-248S393 8 256 8z\"><\/path><\/svg>\t\t\t\t\t\t<\/span>\n\t\t\t\t\t\t\t\t\t\t<span class=\"elementor-icon-list-text\">Vulnerability monitoring with SCA (Software Composition Analysis) \u2013 scanning dependencies and open source libraries.<\/span>\n\t\t\t\t\t\t\t\t\t<\/li>\n\t\t\t\t\t\t\t\t<li class=\"elementor-icon-list-item\">\n\t\t\t\t\t\t\t\t\t\t\t<span class=\"elementor-icon-list-icon\">\n\t\t\t\t\t\t\t<svg aria-hidden=\"true\" class=\"e-font-icon-svg e-fas-circle\" viewbox=\"0 0 512 512\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\"><path d=\"M256 8C119 8 8 119 8 256s111 248 248 248 248-111 248-248S393 8 256 8z\"><\/path><\/svg>\t\t\t\t\t\t<\/span>\n\t\t\t\t\t\t\t\t\t\t<span class=\"elementor-icon-list-text\">Cryptographic code signatures \u2013 verifying the identity of the code and preventing unauthorized changes.<\/span>\n\t\t\t\t\t\t\t\t\t<\/li>\n\t\t\t\t\t\t<\/ul>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-5174805 elementor-widget elementor-widget-text-editor\" data-id=\"5174805\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container translation-block\">Protecting the CI\/CD environment<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-9cf688f elementor-icon-list--layout-traditional elementor-list-item-link-full_width elementor-widget elementor-widget-icon-list\" data-id=\"9cf688f\" data-element_type=\"widget\" data-widget_type=\"icon-list.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<ul class=\"elementor-icon-list-items\">\n\t\t\t\t\t\t\t<li class=\"elementor-icon-list-item\">\n\t\t\t\t\t\t\t\t\t\t\t<span class=\"elementor-icon-list-icon\">\n\t\t\t\t\t\t\t<svg aria-hidden=\"true\" class=\"e-font-icon-svg e-fas-circle\" viewbox=\"0 0 512 512\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\"><path d=\"M256 8C119 8 8 119 8 256s111 248 248 248 248-111 248-248S393 8 256 8z\"><\/path><\/svg>\t\t\t\t\t\t<\/span>\n\t\t\t\t\t\t\t\t\t\t<span class=\"elementor-icon-list-text\">Restricting permissions in DevOps projects \u2013 using the Least Privilege approach to reduce exposure.<\/span>\n\t\t\t\t\t\t\t\t\t<\/li>\n\t\t\t\t\t\t\t\t<li class=\"elementor-icon-list-item\">\n\t\t\t\t\t\t\t\t\t\t\t<span class=\"elementor-icon-list-icon\">\n\t\t\t\t\t\t\t<svg aria-hidden=\"true\" class=\"e-font-icon-svg e-fas-circle\" viewbox=\"0 0 512 512\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\"><path d=\"M256 8C119 8 8 119 8 256s111 248 248 248 248-111 248-248S393 8 256 8z\"><\/path><\/svg>\t\t\t\t\t\t<\/span>\n\t\t\t\t\t\t\t\t\t\t<span class=\"elementor-icon-list-text\">Secure Secrets Management \u2013 Storing API keys and passwords in secure vaults.<\/span>\n\t\t\t\t\t\t\t\t\t<\/li>\n\t\t\t\t\t\t\t\t<li class=\"elementor-icon-list-item\">\n\t\t\t\t\t\t\t\t\t\t\t<span class=\"elementor-icon-list-icon\">\n\t\t\t\t\t\t\t<svg aria-hidden=\"true\" class=\"e-font-icon-svg e-fas-circle\" viewbox=\"0 0 512 512\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\"><path d=\"M256 8C119 8 8 119 8 256s111 248 248 248 248-111 248-248S393 8 256 8z\"><\/path><\/svg>\t\t\t\t\t\t<\/span>\n\t\t\t\t\t\t\t\t\t\t<span class=\"elementor-icon-list-text\">Digitally signing packages and containers \u2013 protection against the introduction of malicious code during development.<\/span>\n\t\t\t\t\t\t\t\t\t<\/li>\n\t\t\t\t\t\t<\/ul>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-096e27f elementor-widget elementor-widget-text-editor\" data-id=\"096e27f\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<strong>Implementing a Zero Trust approach in the supply chain<\/strong> \t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-870eb99 elementor-icon-list--layout-traditional elementor-list-item-link-full_width elementor-widget elementor-widget-icon-list\" data-id=\"870eb99\" data-element_type=\"widget\" data-widget_type=\"icon-list.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<ul class=\"elementor-icon-list-items\">\n\t\t\t\t\t\t\t<li class=\"elementor-icon-list-item\">\n\t\t\t\t\t\t\t\t\t\t\t<span class=\"elementor-icon-list-icon\">\n\t\t\t\t\t\t\t<svg aria-hidden=\"true\" class=\"e-font-icon-svg e-fas-circle\" viewbox=\"0 0 512 512\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\"><path d=\"M256 8C119 8 8 119 8 256s111 248 248 248 248-111 248-248S393 8 256 8z\"><\/path><\/svg>\t\t\t\t\t\t<\/span>\n\t\t\t\t\t\t\t\t\t\t<span class=\"elementor-icon-list-text\"><a href=\"https:\/\/sec-it.co.il\/en\/zero-trust-%D7%9E%D7%AA%D7%A7%D7%A4%D7%AA-%D7%9B%D7%95%D7%A4%D7%A8\/\">  Implementing a Zero Trust approach in the supply chain    <\/a>  \u2013 Strict access management to organizational resources, even in distributed development. <\/span>\n\t\t\t\t\t\t\t\t\t<\/li>\n\t\t\t\t\t\t\t\t<li class=\"elementor-icon-list-item\">\n\t\t\t\t\t\t\t\t\t\t\t<span class=\"elementor-icon-list-icon\">\n\t\t\t\t\t\t\t<svg aria-hidden=\"true\" class=\"e-font-icon-svg e-fas-circle\" viewbox=\"0 0 512 512\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\"><path d=\"M256 8C119 8 8 119 8 256s111 248 248 248 248-111 248-248S393 8 256 8z\"><\/path><\/svg>\t\t\t\t\t\t<\/span>\n\t\t\t\t\t\t\t\t\t\t<span class=\"elementor-icon-list-text\">Abnormal behavior monitoring \u2013 using artificial intelligence to identify suspicious activity in code repositories and development environments.<\/span>\n\t\t\t\t\t\t\t\t\t<\/li>\n\t\t\t\t\t\t<\/ul>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-8a1bec5 elementor-widget elementor-widget-text-editor\" data-id=\"8a1bec5\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<strong>Security of hangings and containers<\/strong> \t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-27eacc1 elementor-icon-list--layout-traditional elementor-list-item-link-full_width elementor-widget elementor-widget-icon-list\" data-id=\"27eacc1\" data-element_type=\"widget\" data-widget_type=\"icon-list.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<ul class=\"elementor-icon-list-items\">\n\t\t\t\t\t\t\t<li class=\"elementor-icon-list-item\">\n\t\t\t\t\t\t\t\t\t\t\t<span class=\"elementor-icon-list-icon\">\n\t\t\t\t\t\t\t<svg aria-hidden=\"true\" class=\"e-font-icon-svg e-fas-circle\" viewbox=\"0 0 512 512\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\"><path d=\"M256 8C119 8 8 119 8 256s111 248 248 248 248-111 248-248S393 8 256 8z\"><\/path><\/svg>\t\t\t\t\t\t<\/span>\n\t\t\t\t\t\t\t\t\t\t<span class=\"elementor-icon-list-text\">Using container scanners (Docker Image Scanners) \u2013 automatic scanning of Docker images to identify vulnerabilities.<\/span>\n\t\t\t\t\t\t\t\t\t<\/li>\n\t\t\t\t\t\t\t\t<li class=\"elementor-icon-list-item\">\n\t\t\t\t\t\t\t\t\t\t\t<span class=\"elementor-icon-list-icon\">\n\t\t\t\t\t\t\t<svg aria-hidden=\"true\" class=\"e-font-icon-svg e-fas-circle\" viewbox=\"0 0 512 512\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\"><path d=\"M256 8C119 8 8 119 8 256s111 248 248 248 248-111 248-248S393 8 256 8z\"><\/path><\/svg>\t\t\t\t\t\t<\/span>\n\t\t\t\t\t\t\t\t\t\t<span class=\"elementor-icon-list-text\">Implementing Security Policy as Code \u2013 Defining a uniform policy using YAML and Terraform.<\/span>\n\t\t\t\t\t\t\t\t\t<\/li>\n\t\t\t\t\t\t\t\t<li class=\"elementor-icon-list-item\">\n\t\t\t\t\t\t\t\t\t\t\t<span class=\"elementor-icon-list-icon\">\n\t\t\t\t\t\t\t<svg aria-hidden=\"true\" class=\"e-font-icon-svg e-fas-circle\" viewbox=\"0 0 512 512\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\"><path d=\"M256 8C119 8 8 119 8 256s111 248 248 248 248-111 248-248S393 8 256 8z\"><\/path><\/svg>\t\t\t\t\t\t<\/span>\n\t\t\t\t\t\t\t\t\t\t<span class=\"elementor-icon-list-text\">Continuously updating library versions \u2013 using tools like Dependabot and Renovate to prevent exploitation of known vulnerabilities.<\/span>\n\t\t\t\t\t\t\t\t\t<\/li>\n\t\t\t\t\t\t<\/ul>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-2a3c9f0 elementor-widget elementor-widget-text-editor\" data-id=\"2a3c9f0\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<strong>Real-time threat monitoring and rapid response<\/strong> \t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-fdbade8 elementor-icon-list--layout-traditional elementor-list-item-link-full_width elementor-widget elementor-widget-icon-list\" data-id=\"fdbade8\" data-element_type=\"widget\" data-widget_type=\"icon-list.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<ul class=\"elementor-icon-list-items\">\n\t\t\t\t\t\t\t<li class=\"elementor-icon-list-item\">\n\t\t\t\t\t\t\t\t\t\t\t<span class=\"elementor-icon-list-icon\">\n\t\t\t\t\t\t\t<svg aria-hidden=\"true\" class=\"e-font-icon-svg e-fas-circle\" viewbox=\"0 0 512 512\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\"><path d=\"M256 8C119 8 8 119 8 256s111 248 248 248 248-111 248-248S393 8 256 8z\"><\/path><\/svg>\t\t\t\t\t\t<\/span>\n\t\t\t\t\t\t\t\t\t\t<span class=\"elementor-icon-list-text\">Integration of SIEM and SOAR systems \u2013 Security Event Management (SIEM) along with automated threat response (SOAR).<\/span>\n\t\t\t\t\t\t\t\t\t<\/li>\n\t\t\t\t\t\t\t\t<li class=\"elementor-icon-list-item\">\n\t\t\t\t\t\t\t\t\t\t\t<span class=\"elementor-icon-list-icon\">\n\t\t\t\t\t\t\t<svg aria-hidden=\"true\" class=\"e-font-icon-svg e-fas-circle\" viewbox=\"0 0 512 512\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\"><path d=\"M256 8C119 8 8 119 8 256s111 248 248 248 248-111 248-248S393 8 256 8z\"><\/path><\/svg>\t\t\t\t\t\t<\/span>\n\t\t\t\t\t\t\t\t\t\t<span class=\"elementor-icon-list-text\">Logging &amp; Monitoring \u2013 Constant monitoring of suspicious changes to repositories, libraries, and CI\/CD systems.<\/span>\n\t\t\t\t\t\t\t\t\t<\/li>\n\t\t\t\t\t\t<\/ul>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-c414b18 elementor-widget elementor-widget-heading\" data-id=\"c414b18\" data-element_type=\"widget\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<h4 class=\"elementor-heading-title elementor-size-default\">Summary: DevSecOps and Supply Chain Security\n<\/h4>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-abe5022 elementor-icon-list--layout-traditional elementor-list-item-link-full_width elementor-widget elementor-widget-icon-list\" data-id=\"abe5022\" data-element_type=\"widget\" data-widget_type=\"icon-list.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<ul class=\"elementor-icon-list-items\">\n\t\t\t\t\t\t\t<li class=\"elementor-icon-list-item\">\n\t\t\t\t\t\t\t\t\t\t\t<span class=\"elementor-icon-list-icon\">\n\t\t\t\t\t\t\t<svg aria-hidden=\"true\" class=\"e-font-icon-svg e-fas-circle\" viewbox=\"0 0 512 512\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\"><path d=\"M256 8C119 8 8 119 8 256s111 248 248 248 248-111 248-248S393 8 256 8z\"><\/path><\/svg>\t\t\t\t\t\t<\/span>\n\t\t\t\t\t\t\t\t\t\t<span class=\"elementor-icon-list-text\">Implementing SAST and DAST tests to detect weaknesses early in development.<\/span>\n\t\t\t\t\t\t\t\t\t<\/li>\n\t\t\t\t\t\t\t\t<li class=\"elementor-icon-list-item\">\n\t\t\t\t\t\t\t\t\t\t\t<span class=\"elementor-icon-list-icon\">\n\t\t\t\t\t\t\t<svg aria-hidden=\"true\" class=\"e-font-icon-svg e-fas-circle\" viewbox=\"0 0 512 512\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\"><path d=\"M256 8C119 8 8 119 8 256s111 248 248 248 248-111 248-248S393 8 256 8z\"><\/path><\/svg>\t\t\t\t\t\t<\/span>\n\t\t\t\t\t\t\t\t\t\t<span class=\"elementor-icon-list-text\">Hardening the CI\/CD environment and managing permissions using the Least Privilege approach.<\/span>\n\t\t\t\t\t\t\t\t\t<\/li>\n\t\t\t\t\t\t\t\t<li class=\"elementor-icon-list-item\">\n\t\t\t\t\t\t\t\t\t\t\t<span class=\"elementor-icon-list-icon\">\n\t\t\t\t\t\t\t<svg aria-hidden=\"true\" class=\"e-font-icon-svg e-fas-circle\" viewbox=\"0 0 512 512\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\"><path d=\"M256 8C119 8 8 119 8 256s111 248 248 248 248-111 248-248S393 8 256 8z\"><\/path><\/svg>\t\t\t\t\t\t<\/span>\n\t\t\t\t\t\t\t\t\t\t<span class=\"elementor-icon-list-text\">Monitoring vulnerabilities in third-party dependencies and containers.<\/span>\n\t\t\t\t\t\t\t\t\t<\/li>\n\t\t\t\t\t\t\t\t<li class=\"elementor-icon-list-item\">\n\t\t\t\t\t\t\t\t\t\t\t<span class=\"elementor-icon-list-icon\">\n\t\t\t\t\t\t\t<svg aria-hidden=\"true\" class=\"e-font-icon-svg e-fas-circle\" viewbox=\"0 0 512 512\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\"><path d=\"M256 8C119 8 8 119 8 256s111 248 248 248 248-111 248-248S393 8 256 8z\"><\/path><\/svg>\t\t\t\t\t\t<\/span>\n\t\t\t\t\t\t\t\t\t\t<span class=\"elementor-icon-list-text\">Implementing a Zero Trust approach for developers and external vendors.<\/span>\n\t\t\t\t\t\t\t\t\t<\/li>\n\t\t\t\t\t\t\t\t<li class=\"elementor-icon-list-item\">\n\t\t\t\t\t\t\t\t\t\t\t<span class=\"elementor-icon-list-icon\">\n\t\t\t\t\t\t\t<svg aria-hidden=\"true\" class=\"e-font-icon-svg e-fas-circle\" viewbox=\"0 0 512 512\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\"><path d=\"M256 8C119 8 8 119 8 256s111 248 248 248 248-111 248-248S393 8 256 8z\"><\/path><\/svg>\t\t\t\t\t\t<\/span>\n\t\t\t\t\t\t\t\t\t\t<span class=\"elementor-icon-list-text\">Using SIEM and SOAR to automatically identify and respond to security threats.<\/span>\n\t\t\t\t\t\t\t\t\t<\/li>\n\t\t\t\t\t\t<\/ul>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-44910da elementor-widget elementor-widget-text-editor\" data-id=\"44910da\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\tImplementing DevSecOps and supply chain security will enable organizations to prevent cyberattacks before they occur, improve customer trust, and ensure high-quality, secure software from the very first stage.\n\n\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-ee68a3e elementor-widget elementor-widget-text-editor\" data-id=\"ee68a3e\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\tCybersecurity and IT \u2013 Two Words, One Solution\n\n\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>","protected":false},"excerpt":{"rendered":"<p>DevSecOps \u05d5\u05d0\u05d1\u05d8\u05d7\u05ea \u05e9\u05e8\u05e9\u05e8\u05ea \u05d4\u05d0\u05e1\u05e4\u05e7\u05d4 \u2013 \u05d0\u05d9\u05da \u05dc\u05d1\u05e0\u05d5\u05ea \u05ea\u05d5\u05db\u05e0\u05d4 \u05de\u05d0\u05d5\u05d1\u05d8\u05d7\u05ea \u05de\u05d4\u05e9\u05dc\u05d1 \u05d4\u05e8\u05d0\u05e9\u05d5\u05df? \u05de\u05d1\u05d5\u05d0 \u05d1\u05e2\u05d9\u05d3\u05df \u05d4\u05d3\u05d9\u05d2\u05d9\u05d8\u05dc\u05d9 \u05e9\u05dc \u05d4\u05d9\u05d5\u05dd,\u00a0\u05e4\u05d9\u05ea\u05d5\u05d7 \u05ea\u05d5\u05db\u05e0\u05d4 \u05de\u05d4\u05d9\u05e8 \u05d5\u05d9\u05e2\u05d9\u05dc\u00a0\u05d4\u05d5\u05d0 \u05d3\u05e8\u05d9\u05e9\u05d4 \u05e7\u05e8\u05d9\u05d8\u05d9\u05ea \u05dc\u05db\u05dc \u05d0\u05e8\u05d2\u05d5\u05df \u05d8\u05db\u05e0\u05d5\u05dc\u05d5\u05d2\u05d9. \u05e2\u05dd \u05d6\u05d0\u05ea,\u00a0\u05d0\u05d9\u05d5\u05de\u05d9 \u05e1\u05d9\u05d9\u05d1\u05e8 \u05de\u05ea\u05e7\u05d3\u05de\u05d9\u05dd, \u05de\u05ea\u05e7\u05e4\u05d5\u05ea \u05e2\u05dc \u05e9\u05e8\u05e9\u05e8\u05ea \u05d4\u05d0\u05e1\u05e4\u05e7\u05d4 \u05d5\u05d4\u05e4\u05e8\u05d5\u05ea \u05e0\u05ea\u05d5\u05e0\u05d9\u05dd\u00a0\u05de\u05d7\u05d9\u05d9\u05d1\u05d9\u05dd \u05d2\u05d9\u05e9\u05d4 \u05d7\u05d3\u05e9\u05d4 \u05dc\u05d0\u05d1\u05d8\u05d7\u05ea \u05e7\u05d5\u05d3 \u05d5\u05e4\u05e8\u05d5\u05d9\u05e7\u05d8\u05d9 \u05e4\u05d9\u05ea\u05d5\u05d7. DevSecOps\u00a0\u00a0\u05d4\u05d5\u05d0 \u05e9\u05d9\u05dc\u05d5\u05d1 \u05e9\u05dc\u00a0\u05e4\u05d9\u05ea\u05d5\u05d7\u00a0(Dev),\u00a0\u05d0\u05d1\u05d8\u05d7\u05d4\u00a0(Sec)\u00a0\u05d5\u05ea\u05e4\u05e2\u05d5\u05dc\u00a0(Ops), \u05e9\u05de\u05d8\u05e8\u05ea\u05d5\u00a0\u05dc\u05d4\u05d8\u05de\u05d9\u05e2 \u05d0\u05d1\u05d8\u05d7\u05ea \u05de\u05d9\u05d3\u05e2 \u05db\u05d1\u05e8 \u05d1\u05e9\u05dc\u05d1\u05d9 \u05d4\u05e4\u05d9\u05ea\u05d5\u05d7 \u05d4\u05e8\u05d0\u05e9\u05d5\u05e0\u05d9\u05dd, \u05d1\u05de\u05e7\u05d5\u05dd \u05dc\u05d8\u05e4\u05dc \u05d1\u05e4\u05e8\u05e6\u05d5\u05ea \u05e8\u05e7 \u05d1\u05e9\u05dc\u05d1\u05d9\u05dd \u05de\u05d0\u05d5\u05d7\u05e8\u05d9\u05dd \u05d9\u05d5\u05ea\u05e8. \u05db\u05d9\u05e6\u05d3 \u05d0\u05e8\u05d2\u05d5\u05e0\u05d9\u05dd \u05d9\u05db\u05d5\u05dc\u05d9\u05dd \u05dc\u05d1\u05e0\u05d5\u05ea \u05ea\u05d5\u05db\u05e0\u05d4 \u05de\u05d0\u05d5\u05d1\u05d8\u05d7\u05ea \u05db\u05d1\u05e8 \u05de\u05e9\u05dc\u05d1 \u05d4\u05e7\u05d5\u05d3 \u05d4\u05e8\u05d0\u05e9\u05d5\u05e0\u05d9 \u05d5\u05dc\u05de\u05e0\u05d5\u05e2 \u05e1\u05d9\u05db\u05d5\u05e0\u05d9 \u05d0\u05d1\u05d8\u05d7\u05d4 \u05e7\u05e8\u05d9\u05d8\u05d9\u05d9\u05dd? \u05de\u05d0\u05de\u05e8 \u05d6\u05d4 \u05e1\u05d5\u05e7\u05e8 \u05d0\u05ea\u00a0\u05e2\u05e7\u05e8\u05d5\u05e0\u05d5\u05ea\u00a0DevSecOps,\u00a0\u05d7\u05e9\u05d9\u05d1\u05d5\u05ea \u05d0\u05d1\u05d8\u05d7\u05ea \u05e9\u05e8\u05e9\u05e8\u05ea \u05d4\u05d0\u05e1\u05e4\u05e7\u05d4 \u05d1\u05ea\u05d4\u05dc\u05d9\u05da \u05d4\u05e4\u05d9\u05ea\u05d5\u05d7, \u05d5\u05d4\u05e9\u05dc\u05d1\u05d9\u05dd \u05dc\u05d9\u05d9\u05e9\u05d5\u05dd \u05e0\u05db\u05d5\u05df \u05e9\u05dc \u05d0\u05d1\u05d8\u05d7\u05d4 \u05d1\u05db\u05dc \u05de\u05d7\u05d6\u05d5\u05e8 \u05d7\u05d9\u05d9 \u05d4\u05ea\u05d5\u05db\u05e0\u05d4\u00a0(SDLC \u2013 Software Development Lifecycle). \u05de\u05d4\u05d5 DevSecOps \u05d5\u05dc\u05de\u05d4 \u05d4\u05d5\u05d0 \u05d7\u05d9\u05d5\u05e0\u05d9? DevSecOps \u05d4\u05d9\u05d0 \u05de\u05ea\u05d5\u05d3\u05d5\u05dc\u05d5\u05d2\u05d9\u05d9\u05ea \u05e4\u05d9\u05ea\u05d5\u05d7 \u05e9\u05d1\u05d4 \u05d4\u05d0\u05d1\u05d8\u05d7\u05d4 \u05d0\u05d9\u05e0\u05d4 \u05e0\u05ea\u05e4\u05e1\u05ea \u05db\u05d7\u05e1\u05dd \u05d0\u05d5 \u05e9\u05dc\u05d1 \u05e0\u05e4\u05e8\u05d3, \u05d0\u05dc\u05d0 \u05db\u05d7\u05dc\u05e7 \u05d1\u05dc\u05ea\u05d9 \u05e0\u05e4\u05e8\u05d3 \u05de\u05d4\u05ea\u05d4\u05dc\u05d9\u05da \u05db\u05d5\u05dc\u05d5. \u05d1\u05e0\u05d9\u05d2\u05d5\u05d3 \u05dc\u05e9\u05d9\u05d8\u05d5\u05ea \u05de\u05e1\u05d5\u05e8\u05ea\u05d9\u05d5\u05ea, \u05d1\u05d4\u05df \u05d4\u05d0\u05d1\u05d8\u05d7\u05d4 \u05de\u05ea\u05d5\u05d5\u05e1\u05e4\u05ea \u05e8\u05e7 \u05d1\u05e1\u05d5\u05e3 \u05d4\u05e4\u05d9\u05ea\u05d5\u05d7, DevSecOps \u05de\u05e9\u05dc\u05d1 \u05d1\u05d3\u05d9\u05e7\u05d5\u05ea \u05d0\u05d1\u05d8\u05d7\u05d4, \u05d1\u05e7\u05e8\u05d5\u05ea \u05d2\u05d9\u05e9\u05d4 \u05d5\u05db\u05dc\u05d9 \u05e1\u05e8\u05d9\u05e7\u05d4 \u05d0\u05d5\u05d8\u05d5\u05de\u05d8\u05d9\u05d9\u05dd \u05d1\u05db\u05dc \u05e9\u05dc\u05d1\u05d9 \u05d4-SDLC. \u05d9\u05ea\u05e8\u05d5\u05e0\u05d5\u05ea \u05de\u05e8\u05db\u05d6\u05d9\u05d9\u05dd \u05e9\u05dc DevSecOps: \u05d0\u05d9\u05ea\u05d5\u05e8 \u05d7\u05d5\u05dc\u05e9\u05d5\u05ea \u05de\u05d5\u05e7\u05d3\u05dd \u2013 \u05d7\u05d5\u05e1\u05da \u05d6\u05de\u05df \u05d5\u05e2\u05dc\u05d5\u05d9\u05d5\u05ea \u05d1\u05ea\u05d9\u05e7\u05d5\u05e0\u05d9 \u05d0\u05d1\u05d8\u05d7\u05d4 \u05de\u05d0\u05d5\u05d7\u05e8\u05d9\u05dd. \u05e9\u05d9\u05dc\u05d5\u05d1 \u05db\u05dc\u05d9 \u05d0\u05d1\u05d8\u05d7\u05d4 \u05d0\u05d5\u05d8\u05d5\u05de\u05d8\u05d9\u05d9\u05dd \u2013 \u05d4\u05d5\u05e1\u05e4\u05ea \u05d1\u05d3\u05d9\u05e7\u05d5\u05ea \u05e7\u05d5\u05d3 \u05e1\u05d8\u05d8\u05d9\u05d5\u05ea (SAST) \u05d5\u05d3\u05d9\u05e0\u05de\u05d9\u05d5\u05ea (DAST) \u05db\u05d7\u05dc\u05e7 \u05de\u05e6\u05d9\u05e0\u05d5\u05e8 \u05d4\u05e4\u05d9\u05ea\u05d5\u05d7 (Pipeline). \u05e2\u05de\u05d9\u05d3\u05d4 \u05d1\u05d3\u05e8\u05d9\u05e9\u05d5\u05ea \u05e8\u05d2\u05d5\u05dc\u05d8\u05d5\u05e8\u05d9\u05d5\u05ea \u2013 \u05d4\u05ea\u05d0\u05de\u05d4 \u05dc\u05ea\u05e7\u05e0\u05d9\u05dd \u05db\u05de\u05d5 ISO 27001, NIST, SOC 2 \u05d5-GDPR. \u05de\u05e0\u05d9\u05e2\u05ea \u05de\u05ea\u05e7\u05e4\u05d5\u05ea \u05e2\u05dc \u05e9\u05e8\u05e9\u05e8\u05ea \u05d4\u05d0\u05e1\u05e4\u05e7\u05d4 \u2013 \u05d4\u05d2\u05e0\u05d4 \u05e2\u05dc \u05ea\u05dc\u05d5\u05d9\u05d5\u05ea \u05e6\u05d3 \u05e9\u05dc\u05d9\u05e9\u05d9, \u05e1\u05e4\u05e8\u05d9\u05d5\u05ea \u05e7\u05d5\u05d3 \u05e4\u05ea\u05d5\u05d7 \u05d5\u05e7\u05d5\u05e0\u05d8\u05d9\u05d9\u05e0\u05e8\u05d9\u05dd. \u05e9\u05d9\u05e4\u05d5\u05e8 \u05e9\u05d9\u05ea\u05d5\u05e3 \u05d4\u05e4\u05e2\u05d5\u05dc\u05d4 \u2013 \u05d9\u05d9\u05e9\u05d5\u05e8 \u05e7\u05d5 \u05d1\u05d9\u05df \u05de\u05e4\u05ea\u05d7\u05d9\u05dd, \u05d0\u05e0\u05e9\u05d9 \u05d0\u05d1\u05d8\u05d7\u05d4 \u05d5\u05e6\u05d5\u05d5\u05ea\u05d9 \u05ea\u05e4\u05e2\u05d5\u05dc. \u05de\u05d4\u05dd \u05d4\u05d0\u05d9\u05d5\u05de\u05d9\u05dd \u05d4\u05de\u05e8\u05db\u05d6\u05d9\u05d9\u05dd \u05e2\u05dc \u05e9\u05e8\u05e9\u05e8\u05ea \u05d0\u05e1\u05e4\u05e7\u05ea \u05d4\u05ea\u05d5\u05db\u05e0\u05d4? \u05e9\u05e8\u05e9\u05e8\u05ea \u05d4\u05d0\u05e1\u05e4\u05e7\u05d4 \u05e9\u05dc \u05ea\u05d5\u05db\u05e0\u05d4 \u05de\u05d5\u05e8\u05db\u05d1\u05ea \u05de\u05de\u05d2\u05d5\u05d5\u05df \u05e8\u05db\u05d9\u05d1\u05d9\u05dd \u05e4\u05e0\u05d9\u05de\u05d9\u05d9\u05dd \u05d5\u05d7\u05d9\u05e6\u05d5\u05e0\u05d9\u05d9\u05dd, \u05db\u05d0\u05e9\u05e8 \u05db\u05dc \u05e0\u05e7\u05d5\u05d3\u05ea \u05ea\u05d5\u05e8\u05e4\u05d4 \u05d9\u05db\u05d5\u05dc\u05d4 \u05dc\u05d4\u05e4\u05d5\u05da \u05dc\u05db\u05e0\u05d9\u05e1\u05ea \u05ea\u05d5\u05e7\u05e4\u05d9\u05dd \u05dc\u05de\u05e2\u05e8\u05db\u05ea. \u05d0\u05d9\u05d5\u05de\u05d9\u05dd \u05e0\u05e4\u05d5\u05e6\u05d9\u05dd \u05d1\u05e9\u05e8\u05e9\u05e8\u05ea \u05d4\u05d0\u05e1\u05e4\u05e7\u05d4: \u05d7\u05d5\u05dc\u05e9\u05d5\u05ea \u05d1\u05e7\u05d5\u05d3 \u05e4\u05ea\u05d5\u05d7 (Open Source Vulnerabilities) \u2013 \u05e9\u05d9\u05de\u05d5\u05e9 \u05d1\u05ea\u05dc\u05d5\u05d9\u05d5\u05ea \u05e2\u05dd \u05e4\u05e8\u05e6\u05d5\u05ea \u05d0\u05d1\u05d8\u05d7\u05d4 \u05d9\u05d3\u05d5\u05e2\u05d5\u05ea. \u05ea\u05e7\u05d9\u05e4\u05d5\u05ea \u05e2\u05dc \u05de\u05d0\u05d2\u05e8\u05d9 \u05e7\u05d5\u05d3 (Repo Hijacking) \u2013 \u05d7\u05d8\u05d9\u05e4\u05ea \u05e8\u05e4\u05d5\u05d6\u05d9\u05d8\u05d5\u05e8\u05d9\u05d6 \u05d5\u05d4\u05d7\u05d3\u05e8\u05ea \u05e7\u05d5\u05d3 \u05d6\u05d3\u05d5\u05e0\u05d9. \u05d7\u05d5\u05dc\u05e9\u05d5\u05ea \u05d1\u05e7\u05d5\u05e0\u05d8\u05d9\u05d9\u05e0\u05e8\u05d9\u05dd \u05d5\u05d1\u05ea\u05de\u05d5\u05e0\u05d5\u05ea Docker \u2013 \u05e9\u05d9\u05de\u05d5\u05e9 \u05d1\u05d0\u05e8\u05d9\u05d6\u05d5\u05ea \u05e2\u05dd \u05e8\u05db\u05d9\u05d1\u05d9\u05dd \u05dc\u05d0 \u05de\u05e2\u05d5\u05d3\u05db\u05e0\u05d9\u05dd. \u05d4\u05e8\u05e9\u05d0\u05d5\u05ea \u05dc\u05d0 \u05de\u05d0\u05d5\u05d1\u05d8\u05d7\u05d5\u05ea \u05d1-CI\/CD \u2013 \u05e9\u05d9\u05de\u05d5\u05e9 \u05e9\u05d2\u05d5\u05d9 \u05d1\u05de\u05e4\u05ea\u05d7\u05d5\u05ea API \u05d5\u05e1\u05d9\u05e1\u05de\u05d0\u05d5\u05ea \u05d2\u05d9\u05e9\u05d4. \u05d4\u05e0\u05d3\u05e1\u05d4 \u05d7\u05d1\u05e8\u05ea\u05d9\u05ea (Social Engineering) \u05dc\u05de\u05e4\u05ea\u05d7\u05d9\u05dd \u2013 \u05e4\u05e8\u05d9\u05e6\u05d5\u05ea \u05dc\u05d7\u05e9\u05d1\u05d5\u05e0\u05d5\u05ea GitHub \u05d5-GitLab. \u05db\u05d9\u05e6\u05d3 \u05dc\u05d9\u05d9\u05e9\u05dd \u05d0\u05ea DevSecOps \u05d5\u05d0\u05d1\u05d8\u05d7\u05ea \u05e9\u05e8\u05e9\u05e8\u05ea \u05d4\u05d0\u05e1\u05e4\u05e7\u05d4 \u05d1\u05e4\u05d5\u05e2\u05dc? \u05d0\u05d1\u05d8\u05d7\u05ea \u05e7\u05d5\u05d3 \u05d5\u05d0\u05d5\u05d8\u05d5\u05de\u05e6\u05d9\u05d4 \u05e9\u05dc \u05d1\u05d3\u05d9\u05e7\u05d5\u05ea \u05d0\u05d1\u05d8\u05d7\u05d4 \u05e9\u05d9\u05de\u05d5\u05e9 \u05d1\u05db\u05dc\u05d9 SAST \u05d5-DAST \u2013 \u05e9\u05d9\u05dc\u05d5\u05d1 \u05d1\u05d3\u05d9\u05e7\u05d5\u05ea \u05e7\u05d5\u05d3 \u05e1\u05d8\u05d8\u05d9\u05d5\u05ea \u05d5\u05d3\u05d9\u05e0\u05de\u05d9\u05d5\u05ea \u05d1\u05e9\u05dc\u05d1\u05d9 \u05d4\u05e4\u05d9\u05ea\u05d5\u05d7. \u05e0\u05d9\u05d8\u05d5\u05e8 \u05d7\u05d5\u05dc\u05e9\u05d5\u05ea \u05e2\u05dd SCA (Software Composition Analysis) \u2013 \u05e1\u05e8\u05d9\u05e7\u05ea \u05ea\u05dc\u05d5\u05d9\u05d5\u05ea \u05d5\u05e1\u05e4\u05e8\u05d9\u05d5\u05ea \u05e7\u05d5\u05d3 \u05e4\u05ea\u05d5\u05d7. \u05d7\u05ea\u05d9\u05de\u05d5\u05ea \u05e7\u05e8\u05d9\u05e4\u05d8\u05d5\u05d2\u05e8\u05e4\u05d9\u05d5\u05ea \u05dc\u05e7\u05d5\u05d3 \u2013 \u05d0\u05d9\u05de\u05d5\u05ea \u05d6\u05d4\u05d5\u05ea \u05d4\u05e7\u05d5\u05d3 \u05d5\u05de\u05e0\u05d9\u05e2\u05ea \u05e9\u05d9\u05e0\u05d5\u05d9\u05d9\u05dd \u05d1\u05dc\u05ea\u05d9 \u05de\u05d5\u05e8\u05e9\u05d9\u05dd. \u05d4\u05d2\u05e0\u05d4 \u05e2\u05dc \u05e1\u05d1\u05d9\u05d1\u05ea CI\/CD \u05d4\u05d2\u05d1\u05dc\u05ea \u05d4\u05e8\u05e9\u05d0\u05d5\u05ea \u05d1\u05e4\u05e8\u05d5\u05d9\u05e7\u05d8\u05d9 DevOps \u2013 \u05e9\u05d9\u05de\u05d5\u05e9 \u05d1\u05d2\u05d9\u05e9\u05ea Least Privilege \u05dc\u05e6\u05de\u05e6\u05d5\u05dd \u05d7\u05e9\u05d9\u05e4\u05d4. \u05e0\u05d9\u05d4\u05d5\u05dc \u05de\u05d0\u05d5\u05d1\u05d8\u05d7 \u05e9\u05dc \u05e1\u05d5\u05d3\u05d5\u05ea (Secrets Management) \u2013 \u05d0\u05d7\u05e1\u05d5\u05df \u05de\u05e4\u05ea\u05d7\u05d5\u05ea API \u05d5\u05e1\u05d9\u05e1\u05de\u05d0\u05d5\u05ea \u05d1\u05db\u05e1\u05e4\u05d5\u05ea \u05de\u05d0\u05d5\u05d1\u05d8\u05d7\u05d5\u05ea. \u05d7\u05ea\u05d9\u05de\u05d4 \u05d3\u05d9\u05d2\u05d9\u05d8\u05dc\u05d9\u05ea \u05e2\u05dc \u05d7\u05d1\u05d9\u05dc\u05d5\u05ea \u05d5\u05e7\u05d5\u05e0\u05d8\u05d9\u05d9\u05e0\u05e8\u05d9\u05dd \u2013 \u05d4\u05d2\u05e0\u05d4 \u05de\u05e4\u05e0\u05d9 \u05d4\u05db\u05e0\u05e1\u05ea \u05e7\u05d5\u05d3 \u05d6\u05d3\u05d5\u05e0\u05d9 \u05d1\u05de\u05d4\u05dc\u05da \u05d4\u05e4\u05d9\u05ea\u05d5\u05d7. \u05d9\u05d9\u05e9\u05d5\u05dd \u05d2\u05d9\u05e9\u05ea Zero Trust \u05d1\u05e9\u05e8\u05e9\u05e8\u05ea \u05d4\u05d0\u05e1\u05e4\u05e7\u05d4 Zero Trust Network Access (ZTNA) \u2013 \u05e0\u05d9\u05d4\u05d5\u05dc \u05d2\u05d9\u05e9\u05d4 \u05e7\u05e4\u05d3\u05e0\u05d9 \u05dc\u05de\u05e9\u05d0\u05d1\u05d9\u05dd \u05d0\u05e8\u05d2\u05d5\u05e0\u05d9\u05d9\u05dd, \u05d2\u05dd \u05d1\u05e4\u05d9\u05ea\u05d5\u05d7 \u05de\u05d1\u05d5\u05d6\u05e8. \u05e0\u05d9\u05d8\u05d5\u05e8 \u05d4\u05ea\u05e0\u05d4\u05d2\u05d5\u05ea \u05d7\u05e8\u05d9\u05d2\u05d4 \u2013 \u05e9\u05d9\u05de\u05d5\u05e9 \u05d1\u05d1\u05d9\u05e0\u05d4 \u05de\u05dc\u05d0\u05db\u05d5\u05ea\u05d9\u05ea \u05dc\u05d6\u05d9\u05d4\u05d5\u05d9 \u05e4\u05e2\u05d9\u05dc\u05d5\u05ea \u05d7\u05e9\u05d5\u05d3\u05d4 \u05d1\u05de\u05d0\u05d2\u05e8\u05d9 \u05e7\u05d5\u05d3 \u05d5\u05d1\u05e1\u05d1\u05d9\u05d1\u05d5\u05ea \u05d4\u05e4\u05d9\u05ea\u05d5\u05d7. \u05d0\u05d1\u05d8\u05d7\u05ea \u05ea\u05dc\u05d5\u05d9\u05d5\u05ea \u05d5\u05e7\u05d5\u05e0\u05d8\u05d9\u05d9\u05e0\u05e8\u05d9\u05dd \u05e9\u05d9\u05de\u05d5\u05e9 \u05d1\u05e1\u05d5\u05e8\u05e7\u05d9 \u05e7\u05d5\u05e0\u05d8\u05d9\u05d9\u05e0\u05e8\u05d9\u05dd (Docker Image Scanners) \u2013 \u05e1\u05e8\u05d9\u05e7\u05d4 \u05d0\u05d5\u05d8\u05d5\u05de\u05d8\u05d9\u05ea \u05e9\u05dc \u05ea\u05de\u05d5\u05e0\u05d5\u05ea Docker \u05dc\u05d6\u05d9\u05d4\u05d5\u05d9 \u05d7\u05d5\u05dc\u05e9\u05d5\u05ea. \u05d9\u05d9\u05e9\u05d5\u05dd \u05de\u05d3\u05d9\u05e0\u05d9\u05d5\u05ea \u05d0\u05d1\u05d8\u05d7\u05d4 \u05db\u05e7\u05d5\u05d3 (Policy as Code) \u2013 \u05d4\u05d2\u05d3\u05e8\u05ea \u05de\u05d3\u05d9\u05e0\u05d9\u05d5\u05ea \u05d0\u05d7\u05d9\u05d3\u05d4 \u05d1\u05d0\u05de\u05e6\u05e2\u05d5\u05ea YAML \u05d5-Terraform. \u05e2\u05d3\u05db\u05d5\u05df \u05e8\u05e6\u05d9\u05e3 \u05e9\u05dc \u05d2\u05e8\u05e1\u05d0\u05d5\u05ea \u05e1\u05e4\u05e8\u05d9\u05d5\u05ea \u2013 \u05e9\u05d9\u05de\u05d5\u05e9 \u05d1\u05db\u05dc\u05d9\u05dd \u05db\u05de\u05d5 Dependabot \u05d5-Renovate \u05dc\u05de\u05e0\u05d9\u05e2\u05ea \u05e0\u05d9\u05e6\u05d5\u05dc \u05d7\u05d5\u05dc\u05e9\u05d5\u05ea \u05d9\u05d3\u05d5\u05e2\u05d5\u05ea. \u05e0\u05d9\u05d8\u05d5\u05e8 \u05d0\u05d9\u05d5\u05de\u05d9\u05dd \u05d1\u05d6\u05de\u05df \u05d0\u05de\u05ea \u05d5\u05ea\u05d2\u05d5\u05d1\u05d4 \u05de\u05d4\u05d9\u05e8\u05d4 \u05e9\u05d9\u05dc\u05d5\u05d1 \u05de\u05e2\u05e8\u05db\u05d5\u05ea SIEM \u05d5-SOAR \u2013 \u05e0\u05d9\u05d4\u05d5\u05dc \u05d0\u05d9\u05e8\u05d5\u05e2\u05d9 \u05d0\u05d1\u05d8\u05d7\u05d4 (SIEM) \u05d9\u05d7\u05d3 \u05e2\u05dd \u05ea\u05d2\u05d5\u05d1\u05d4 \u05d0\u05d5\u05d8\u05d5\u05de\u05d8\u05d9\u05ea \u05dc\u05d0\u05d9\u05d5\u05de\u05d9\u05dd (SOAR). Logging &#038; Monitoring \u2013 \u05de\u05e2\u05e7\u05d1 \u05de\u05ea\u05de\u05d9\u05d3 \u05d0\u05d7\u05e8 \u05e9\u05d9\u05e0\u05d5\u05d9\u05d9\u05dd \u05d7\u05e9\u05d5\u05d3\u05d9\u05dd \u05d1\u05e8\u05e4\u05d5\u05d6\u05d9\u05d8\u05d5\u05e8\u05d9\u05d6, \u05e1\u05e4\u05e8\u05d9\u05d5\u05ea, \u05d5\u05de\u05e2\u05e8\u05db\u05d5\u05ea CI\/CD. \u05e1\u05d9\u05db\u05d5\u05dd: DevSecOps \u05d5\u05d0\u05d1\u05d8\u05d7\u05ea \u05e9\u05e8\u05e9\u05e8\u05ea \u05d4\u05d0\u05e1\u05e4\u05e7\u05d4 \u05d9\u05d9\u05e9\u05d5\u05dd \u05d1\u05d3\u05d9\u05e7\u05d5\u05ea SAST \u05d5-DAST \u05dc\u05d0\u05d9\u05ea\u05d5\u05e8 \u05d7\u05d5\u05dc\u05e9\u05d5\u05ea \u05d1\u05e9\u05dc\u05d1 \u05de\u05d5\u05e7\u05d3\u05dd \u05e9\u05dc \u05d4\u05e4\u05d9\u05ea\u05d5\u05d7. \u05d4\u05e7\u05e9\u05d7\u05ea \u05e1\u05d1\u05d9\u05d1\u05ea CI\/CD \u05d5\u05e0\u05d9\u05d4\u05d5\u05dc \u05d4\u05e8\u05e9\u05d0\u05d5\u05ea \u05d1\u05d2\u05d9\u05e9\u05ea Least Privilege. \u05e0\u05d9\u05d8\u05d5\u05e8 \u05d7\u05d5\u05dc\u05e9\u05d5\u05ea \u05d1\u05ea\u05dc\u05d5\u05d9\u05d5\u05ea \u05e6\u05d3 \u05e9\u05dc\u05d9\u05e9\u05d9 \u05d5\u05d1\u05e7\u05d5\u05e0\u05d8\u05d9\u05d9\u05e0\u05e8\u05d9\u05dd. \u05d9\u05d9\u05e9\u05d5\u05dd \u05d2\u05d9\u05e9\u05ea Zero Trust \u05dc\u05de\u05e4\u05ea\u05d7\u05d9\u05dd \u05d5\u05dc\u05e1\u05e4\u05e7\u05d9\u05dd \u05d7\u05d9\u05e6\u05d5\u05e0\u05d9\u05d9\u05dd. \u05e9\u05d9\u05de\u05d5\u05e9 \u05d1-SIEM \u05d5-SOAR \u05dc\u05d6\u05d9\u05d4\u05d5\u05d9 \u05d5\u05ea\u05d2\u05d5\u05d1\u05d4 \u05d0\u05d5\u05d8\u05d5\u05de\u05d8\u05d9\u05ea \u05dc\u05d0\u05d9\u05d5\u05de\u05d9 \u05d0\u05d1\u05d8\u05d7\u05d4. \u05d4\u05d8\u05de\u05e2\u05ea DevSecOps \u05d5\u05d0\u05d1\u05d8\u05d7\u05ea \u05e9\u05e8\u05e9\u05e8\u05ea \u05d4\u05d0\u05e1\u05e4\u05e7\u05d4 \u05ea\u05d0\u05e4\u05e9\u05e8 \u05dc\u05d0\u05e8\u05d2\u05d5\u05e0\u05d9\u05dd \u05dc\u05de\u05e0\u05d5\u05e2 \u05de\u05ea\u05e7\u05e4\u05d5\u05ea \u05e1\u05d9\u05d9\u05d1\u05e8 \u05dc\u05e4\u05e0\u05d9 \u05e9\u05d4\u05df \u05de\u05ea\u05e8\u05d7\u05e9\u05d5\u05ea, \u05dc\u05e9\u05e4\u05e8 \u05d0\u05de\u05d5\u05df \u05d4\u05dc\u05e7\u05d5\u05d7\u05d5\u05ea, \u05d5\u05dc\u05d4\u05d1\u05d8\u05d9\u05d7 \u05ea\u05d5\u05db\u05e0\u05d4 \u05d0\u05d9\u05db\u05d5\u05ea\u05d9\u05ea \u05d5\u05d1\u05d8\u05d5\u05d7\u05d4 \u05db\u05d1\u05e8 \u05de\u05d4\u05e9\u05dc\u05d1 \u05d4\u05e8\u05d0\u05e9\u05d5\u05df. \u05d0\u05d1\u05d8\u05d7\u05ea \u05e1\u05d9\u05d9\u05d1\u05e8 \u05d5-IT \u2013 \u05e9\u05e0\u05d9 \u05e2\u05d5\u05dc\u05de\u05d5\u05ea, \u05e4\u05ea\u05e8\u05d5\u05df \u05d0\u05d7\u05d3<\/p>","protected":false},"author":2,"featured_media":2003,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"site-sidebar-layout":"default","site-content-layout":"","ast-site-content-layout":"default","site-content-style":"default","site-sidebar-style":"default","ast-global-header-display":"","ast-banner-title-visibility":"","ast-main-header-display":"","ast-hfb-above-header-display":"","ast-hfb-below-header-display":"","ast-hfb-mobile-header-display":"","site-post-title":"","ast-breadcrumbs-content":"","ast-featured-img":"","footer-sml-layout":"","theme-transparent-header-meta":"default","adv-header-id-meta":"","stick-header-meta":"","header-above-stick-meta":"","header-main-stick-meta":"","header-below-stick-meta":"","astra-migrate-meta-layouts":"set","ast-page-background-enabled":"default","ast-page-background-meta":{"desktop":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"ast-content-background-meta":{"desktop":{"background-color":"var(--ast-global-color-4)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"var(--ast-global-color-4)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"var(--ast-global-color-4)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"footnotes":""},"categories":[23],"tags":[],"class_list":["post-1476","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-23"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v25.6 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>DevSecOps \u05d5\u05d0\u05d1\u05d8\u05d7\u05ea \u05e9\u05e8\u05e9\u05e8\u05ea \u05d4\u05d0\u05e1\u05e4\u05e7\u05d4 \u2013 \u05d1\u05e0\u05d9\u05d9\u05ea \u05ea\u05d5\u05db\u05e0\u05d4 \u05de\u05d0\u05d5\u05d1\u05d8\u05d7\u05ea \u05de\u05d4\u05ea\u05d7\u05dc\u05d4<\/title>\n<meta name=\"description\" content=\"\u05dc\u05de\u05d3 \u05db\u05d9\u05e6\u05d3 \u05dc\u05e9\u05dc\u05d1 DevSecOps \u05d5\u05d0\u05d1\u05d8\u05d7\u05ea \u05e9\u05e8\u05e9\u05e8\u05ea \u05d4\u05d0\u05e1\u05e4\u05e7\u05d4 \u05dc\u05d1\u05e0\u05d9\u05d9\u05ea \u05ea\u05d5\u05db\u05e0\u05d4 \u05de\u05d0\u05d5\u05d1\u05d8\u05d7\u05ea \u05de\u05d4\u05e9\u05dc\u05d1 \u05d4\u05e8\u05d0\u05e9\u05d5\u05df, \u05d5\u05dc\u05d4\u05d2\u05df \u05e2\u05dc \u05d4\u05e4\u05e8\u05d5\u05d9\u05e7\u05d8\u05d9\u05dd \u05e9\u05dc\u05da \u05de\u05e4\u05e0\u05d9 \u05d0\u05d9\u05d5\u05de\u05d9 \u05e1\u05d9\u05d9\u05d1\u05e8 \u05de\u05ea\u05e7\u05d3\u05de\u05d9\u05dd.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/sec-it.co.il\/en\/devsecops-\u05d5\u05d0\u05d1\u05d8\u05d7\u05ea-\u05e9\u05e8\u05e9\u05e8\u05ea-\u05d4\u05d0\u05e1\u05e4\u05e7\u05d4-\u05d0\u05d9\u05da-\u05dc\u05d1\u05e0\u05d5\u05ea-\u05ea\u05d5\u05db\u05e0\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"DevSecOps \u05d5\u05d0\u05d1\u05d8\u05d7\u05ea \u05e9\u05e8\u05e9\u05e8\u05ea \u05d4\u05d0\u05e1\u05e4\u05e7\u05d4 \u2013 \u05d1\u05e0\u05d9\u05d9\u05ea \u05ea\u05d5\u05db\u05e0\u05d4 \u05de\u05d0\u05d5\u05d1\u05d8\u05d7\u05ea \u05de\u05d4\u05ea\u05d7\u05dc\u05d4\" \/>\n<meta property=\"og:description\" content=\"\u05dc\u05de\u05d3 \u05db\u05d9\u05e6\u05d3 \u05dc\u05e9\u05dc\u05d1 DevSecOps \u05d5\u05d0\u05d1\u05d8\u05d7\u05ea \u05e9\u05e8\u05e9\u05e8\u05ea \u05d4\u05d0\u05e1\u05e4\u05e7\u05d4 \u05dc\u05d1\u05e0\u05d9\u05d9\u05ea \u05ea\u05d5\u05db\u05e0\u05d4 \u05de\u05d0\u05d5\u05d1\u05d8\u05d7\u05ea \u05de\u05d4\u05e9\u05dc\u05d1 \u05d4\u05e8\u05d0\u05e9\u05d5\u05df, \u05d5\u05dc\u05d4\u05d2\u05df \u05e2\u05dc \u05d4\u05e4\u05e8\u05d5\u05d9\u05e7\u05d8\u05d9\u05dd \u05e9\u05dc\u05da \u05de\u05e4\u05e0\u05d9 \u05d0\u05d9\u05d5\u05de\u05d9 \u05e1\u05d9\u05d9\u05d1\u05e8 \u05de\u05ea\u05e7\u05d3\u05de\u05d9\u05dd.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/sec-it.co.il\/en\/devsecops-\u05d5\u05d0\u05d1\u05d8\u05d7\u05ea-\u05e9\u05e8\u05e9\u05e8\u05ea-\u05d4\u05d0\u05e1\u05e4\u05e7\u05d4-\u05d0\u05d9\u05da-\u05dc\u05d1\u05e0\u05d5\u05ea-\u05ea\u05d5\u05db\u05e0\/\" \/>\n<meta property=\"og:site_name\" content=\"IdanZabari Consultant\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/idan.zabari.7\" \/>\n<meta property=\"article:published_time\" content=\"2025-03-17T07:52:40+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2025-07-23T05:15:41+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/sec-it.co.il\/wp-content\/uploads\/2025\/03\/Untitled-design-22.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"2560\" \/>\n\t<meta property=\"og:image:height\" content=\"1440\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Idan Zabari\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:image\" content=\"https:\/\/sec-it.co.il\/wp-content\/uploads\/2025\/03\/Untitled-design-22.jpg\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Idan Zabari\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"3 minutes\" \/>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"DevSecOps and Supply Chain Security \u2013 Building Secure Software from the Ground Up","description":"\u05dc\u05de\u05d3 \u05db\u05d9\u05e6\u05d3 \u05dc\u05e9\u05dc\u05d1 DevSecOps \u05d5\u05d0\u05d1\u05d8\u05d7\u05ea \u05e9\u05e8\u05e9\u05e8\u05ea \u05d4\u05d0\u05e1\u05e4\u05e7\u05d4 \u05dc\u05d1\u05e0\u05d9\u05d9\u05ea \u05ea\u05d5\u05db\u05e0\u05d4 \u05de\u05d0\u05d5\u05d1\u05d8\u05d7\u05ea \u05de\u05d4\u05e9\u05dc\u05d1 \u05d4\u05e8\u05d0\u05e9\u05d5\u05df, \u05d5\u05dc\u05d4\u05d2\u05df \u05e2\u05dc \u05d4\u05e4\u05e8\u05d5\u05d9\u05e7\u05d8\u05d9\u05dd \u05e9\u05dc\u05da \u05de\u05e4\u05e0\u05d9 \u05d0\u05d9\u05d5\u05de\u05d9 \u05e1\u05d9\u05d9\u05d1\u05e8 \u05de\u05ea\u05e7\u05d3\u05de\u05d9\u05dd.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/sec-it.co.il\/en\/devsecops-\u05d5\u05d0\u05d1\u05d8\u05d7\u05ea-\u05e9\u05e8\u05e9\u05e8\u05ea-\u05d4\u05d0\u05e1\u05e4\u05e7\u05d4-\u05d0\u05d9\u05da-\u05dc\u05d1\u05e0\u05d5\u05ea-\u05ea\u05d5\u05db\u05e0\/","og_locale":"en_US","og_type":"article","og_title":"DevSecOps \u05d5\u05d0\u05d1\u05d8\u05d7\u05ea \u05e9\u05e8\u05e9\u05e8\u05ea \u05d4\u05d0\u05e1\u05e4\u05e7\u05d4 \u2013 \u05d1\u05e0\u05d9\u05d9\u05ea \u05ea\u05d5\u05db\u05e0\u05d4 \u05de\u05d0\u05d5\u05d1\u05d8\u05d7\u05ea \u05de\u05d4\u05ea\u05d7\u05dc\u05d4","og_description":"\u05dc\u05de\u05d3 \u05db\u05d9\u05e6\u05d3 \u05dc\u05e9\u05dc\u05d1 DevSecOps \u05d5\u05d0\u05d1\u05d8\u05d7\u05ea \u05e9\u05e8\u05e9\u05e8\u05ea \u05d4\u05d0\u05e1\u05e4\u05e7\u05d4 \u05dc\u05d1\u05e0\u05d9\u05d9\u05ea \u05ea\u05d5\u05db\u05e0\u05d4 \u05de\u05d0\u05d5\u05d1\u05d8\u05d7\u05ea \u05de\u05d4\u05e9\u05dc\u05d1 \u05d4\u05e8\u05d0\u05e9\u05d5\u05df, \u05d5\u05dc\u05d4\u05d2\u05df \u05e2\u05dc \u05d4\u05e4\u05e8\u05d5\u05d9\u05e7\u05d8\u05d9\u05dd \u05e9\u05dc\u05da \u05de\u05e4\u05e0\u05d9 \u05d0\u05d9\u05d5\u05de\u05d9 \u05e1\u05d9\u05d9\u05d1\u05e8 \u05de\u05ea\u05e7\u05d3\u05de\u05d9\u05dd.","og_url":"https:\/\/sec-it.co.il\/en\/devsecops-\u05d5\u05d0\u05d1\u05d8\u05d7\u05ea-\u05e9\u05e8\u05e9\u05e8\u05ea-\u05d4\u05d0\u05e1\u05e4\u05e7\u05d4-\u05d0\u05d9\u05da-\u05dc\u05d1\u05e0\u05d5\u05ea-\u05ea\u05d5\u05db\u05e0\/","og_site_name":"IdanZabari Consultant","article_publisher":"https:\/\/www.facebook.com\/idan.zabari.7","article_published_time":"2025-03-17T07:52:40+00:00","article_modified_time":"2025-07-23T05:15:41+00:00","og_image":[{"width":2560,"height":1440,"url":"https:\/\/sec-it.co.il\/wp-content\/uploads\/2025\/03\/Untitled-design-22.jpg","type":"image\/jpeg"}],"author":"Idan Zabari","twitter_card":"summary_large_image","twitter_image":"https:\/\/sec-it.co.il\/wp-content\/uploads\/2025\/03\/Untitled-design-22.jpg","twitter_misc":{"Written by":"Idan Zabari","Est. reading time":"3 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":["Article","BlogPosting"],"@id":"https:\/\/sec-it.co.il\/devsecops-%d7%95%d7%90%d7%91%d7%98%d7%97%d7%aa-%d7%a9%d7%a8%d7%a9%d7%a8%d7%aa-%d7%94%d7%90%d7%a1%d7%a4%d7%a7%d7%94-%d7%90%d7%99%d7%9a-%d7%9c%d7%91%d7%a0%d7%95%d7%aa-%d7%aa%d7%95%d7%9b%d7%a0\/#article","isPartOf":{"@id":"https:\/\/sec-it.co.il\/devsecops-%d7%95%d7%90%d7%91%d7%98%d7%97%d7%aa-%d7%a9%d7%a8%d7%a9%d7%a8%d7%aa-%d7%94%d7%90%d7%a1%d7%a4%d7%a7%d7%94-%d7%90%d7%99%d7%9a-%d7%9c%d7%91%d7%a0%d7%95%d7%aa-%d7%aa%d7%95%d7%9b%d7%a0\/"},"author":{"name":"Idan Zabari","@id":"https:\/\/sec-it.co.il\/#\/schema\/person\/cfd7ba754ca3d9c3abf2ba2999f8c280"},"headline":"DevSecOps \u05d5\u05d0\u05d1\u05d8\u05d7\u05ea \u05e9\u05e8\u05e9\u05e8\u05ea \u05d4\u05d0\u05e1\u05e4\u05e7\u05d4 \u2013 \u05d1\u05e0\u05d9\u05d9\u05ea \u05ea\u05d5\u05db\u05e0\u05d4 \u05de\u05d0\u05d5\u05d1\u05d8\u05d7\u05ea \u05de\u05d4\u05ea\u05d7\u05dc\u05d4","datePublished":"2025-03-17T07:52:40+00:00","dateModified":"2025-07-23T05:15:41+00:00","mainEntityOfPage":{"@id":"https:\/\/sec-it.co.il\/devsecops-%d7%95%d7%90%d7%91%d7%98%d7%97%d7%aa-%d7%a9%d7%a8%d7%a9%d7%a8%d7%aa-%d7%94%d7%90%d7%a1%d7%a4%d7%a7%d7%94-%d7%90%d7%99%d7%9a-%d7%9c%d7%91%d7%a0%d7%95%d7%aa-%d7%aa%d7%95%d7%9b%d7%a0\/"},"wordCount":90,"commentCount":0,"publisher":{"@id":"https:\/\/sec-it.co.il\/#organization"},"image":{"@id":"https:\/\/sec-it.co.il\/devsecops-%d7%95%d7%90%d7%91%d7%98%d7%97%d7%aa-%d7%a9%d7%a8%d7%a9%d7%a8%d7%aa-%d7%94%d7%90%d7%a1%d7%a4%d7%a7%d7%94-%d7%90%d7%99%d7%9a-%d7%9c%d7%91%d7%a0%d7%95%d7%aa-%d7%aa%d7%95%d7%9b%d7%a0\/#primaryimage"},"thumbnailUrl":"https:\/\/sec-it.co.il\/wp-content\/uploads\/2025\/03\/Untitled-design-22.jpg","articleSection":["\u05d0\u05d1\u05d8\u05d7\u05ea \u05de\u05d9\u05d3\u05e2"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/sec-it.co.il\/devsecops-%d7%95%d7%90%d7%91%d7%98%d7%97%d7%aa-%d7%a9%d7%a8%d7%a9%d7%a8%d7%aa-%d7%94%d7%90%d7%a1%d7%a4%d7%a7%d7%94-%d7%90%d7%99%d7%9a-%d7%9c%d7%91%d7%a0%d7%95%d7%aa-%d7%aa%d7%95%d7%9b%d7%a0\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/sec-it.co.il\/devsecops-%d7%95%d7%90%d7%91%d7%98%d7%97%d7%aa-%d7%a9%d7%a8%d7%a9%d7%a8%d7%aa-%d7%94%d7%90%d7%a1%d7%a4%d7%a7%d7%94-%d7%90%d7%99%d7%9a-%d7%9c%d7%91%d7%a0%d7%95%d7%aa-%d7%aa%d7%95%d7%9b%d7%a0\/","url":"https:\/\/sec-it.co.il\/devsecops-%d7%95%d7%90%d7%91%d7%98%d7%97%d7%aa-%d7%a9%d7%a8%d7%a9%d7%a8%d7%aa-%d7%94%d7%90%d7%a1%d7%a4%d7%a7%d7%94-%d7%90%d7%99%d7%9a-%d7%9c%d7%91%d7%a0%d7%95%d7%aa-%d7%aa%d7%95%d7%9b%d7%a0\/","name":"DevSecOps and Supply Chain Security \u2013 Building Secure Software from the Ground Up","isPartOf":{"@id":"https:\/\/sec-it.co.il\/#website"},"primaryImageOfPage":{"@id":"https:\/\/sec-it.co.il\/devsecops-%d7%95%d7%90%d7%91%d7%98%d7%97%d7%aa-%d7%a9%d7%a8%d7%a9%d7%a8%d7%aa-%d7%94%d7%90%d7%a1%d7%a4%d7%a7%d7%94-%d7%90%d7%99%d7%9a-%d7%9c%d7%91%d7%a0%d7%95%d7%aa-%d7%aa%d7%95%d7%9b%d7%a0\/#primaryimage"},"image":{"@id":"https:\/\/sec-it.co.il\/devsecops-%d7%95%d7%90%d7%91%d7%98%d7%97%d7%aa-%d7%a9%d7%a8%d7%a9%d7%a8%d7%aa-%d7%94%d7%90%d7%a1%d7%a4%d7%a7%d7%94-%d7%90%d7%99%d7%9a-%d7%9c%d7%91%d7%a0%d7%95%d7%aa-%d7%aa%d7%95%d7%9b%d7%a0\/#primaryimage"},"thumbnailUrl":"https:\/\/sec-it.co.il\/wp-content\/uploads\/2025\/03\/Untitled-design-22.jpg","datePublished":"2025-03-17T07:52:40+00:00","dateModified":"2025-07-23T05:15:41+00:00","description":"\u05dc\u05de\u05d3 \u05db\u05d9\u05e6\u05d3 \u05dc\u05e9\u05dc\u05d1 DevSecOps \u05d5\u05d0\u05d1\u05d8\u05d7\u05ea \u05e9\u05e8\u05e9\u05e8\u05ea \u05d4\u05d0\u05e1\u05e4\u05e7\u05d4 \u05dc\u05d1\u05e0\u05d9\u05d9\u05ea \u05ea\u05d5\u05db\u05e0\u05d4 \u05de\u05d0\u05d5\u05d1\u05d8\u05d7\u05ea \u05de\u05d4\u05e9\u05dc\u05d1 \u05d4\u05e8\u05d0\u05e9\u05d5\u05df, \u05d5\u05dc\u05d4\u05d2\u05df \u05e2\u05dc \u05d4\u05e4\u05e8\u05d5\u05d9\u05e7\u05d8\u05d9\u05dd \u05e9\u05dc\u05da \u05de\u05e4\u05e0\u05d9 \u05d0\u05d9\u05d5\u05de\u05d9 \u05e1\u05d9\u05d9\u05d1\u05e8 \u05de\u05ea\u05e7\u05d3\u05de\u05d9\u05dd.","breadcrumb":{"@id":"https:\/\/sec-it.co.il\/devsecops-%d7%95%d7%90%d7%91%d7%98%d7%97%d7%aa-%d7%a9%d7%a8%d7%a9%d7%a8%d7%aa-%d7%94%d7%90%d7%a1%d7%a4%d7%a7%d7%94-%d7%90%d7%99%d7%9a-%d7%9c%d7%91%d7%a0%d7%95%d7%aa-%d7%aa%d7%95%d7%9b%d7%a0\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/sec-it.co.il\/devsecops-%d7%95%d7%90%d7%91%d7%98%d7%97%d7%aa-%d7%a9%d7%a8%d7%a9%d7%a8%d7%aa-%d7%94%d7%90%d7%a1%d7%a4%d7%a7%d7%94-%d7%90%d7%99%d7%9a-%d7%9c%d7%91%d7%a0%d7%95%d7%aa-%d7%aa%d7%95%d7%9b%d7%a0\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/sec-it.co.il\/devsecops-%d7%95%d7%90%d7%91%d7%98%d7%97%d7%aa-%d7%a9%d7%a8%d7%a9%d7%a8%d7%aa-%d7%94%d7%90%d7%a1%d7%a4%d7%a7%d7%94-%d7%90%d7%99%d7%9a-%d7%9c%d7%91%d7%a0%d7%95%d7%aa-%d7%aa%d7%95%d7%9b%d7%a0\/#primaryimage","url":"https:\/\/sec-it.co.il\/wp-content\/uploads\/2025\/03\/Untitled-design-22.jpg","contentUrl":"https:\/\/sec-it.co.il\/wp-content\/uploads\/2025\/03\/Untitled-design-22.jpg","width":2560,"height":1440,"caption":"DevSecOps \u05d5\u05d0\u05d1\u05d8\u05d7\u05ea \u05e9\u05e8\u05e9\u05e8\u05ea \u05d4\u05d0\u05e1\u05e4\u05e7\u05d4"},{"@type":"BreadcrumbList","@id":"https:\/\/sec-it.co.il\/devsecops-%d7%95%d7%90%d7%91%d7%98%d7%97%d7%aa-%d7%a9%d7%a8%d7%a9%d7%a8%d7%aa-%d7%94%d7%90%d7%a1%d7%a4%d7%a7%d7%94-%d7%90%d7%99%d7%9a-%d7%9c%d7%91%d7%a0%d7%95%d7%aa-%d7%aa%d7%95%d7%9b%d7%a0\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/sec-it.co.il\/"},{"@type":"ListItem","position":2,"name":"DevSecOps \u05d5\u05d0\u05d1\u05d8\u05d7\u05ea \u05e9\u05e8\u05e9\u05e8\u05ea \u05d4\u05d0\u05e1\u05e4\u05e7\u05d4 \u2013 \u05d1\u05e0\u05d9\u05d9\u05ea \u05ea\u05d5\u05db\u05e0\u05d4 \u05de\u05d0\u05d5\u05d1\u05d8\u05d7\u05ea \u05de\u05d4\u05ea\u05d7\u05dc\u05d4"}]},{"@type":"WebSite","@id":"https:\/\/sec-it.co.il\/#website","url":"https:\/\/sec-it.co.il\/","name":"IdanZabari Consultant","description":"","publisher":{"@id":"https:\/\/sec-it.co.il\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/sec-it.co.il\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/sec-it.co.il\/#organization","name":"IdanZabari Consultant","url":"https:\/\/sec-it.co.il\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/sec-it.co.il\/#\/schema\/logo\/image\/","url":"https:\/\/sec-it.co.il\/wp-content\/uploads\/2025\/03\/blog1.jpg","contentUrl":"https:\/\/sec-it.co.il\/wp-content\/uploads\/2025\/03\/blog1.jpg","width":517,"height":244,"caption":"IdanZabari Consultant"},"image":{"@id":"https:\/\/sec-it.co.il\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.facebook.com\/idan.zabari.7","https:\/\/www.linkedin.com\/in\/idan-zabari\/"]},{"@type":"Person","@id":"https:\/\/sec-it.co.il\/#\/schema\/person\/cfd7ba754ca3d9c3abf2ba2999f8c280","name":"Idan Zabari","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/sec-it.co.il\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/5a419db52cf16c061d540c62de30ee19bea96079b9901c8724b52c1ecb2958d2?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/5a419db52cf16c061d540c62de30ee19bea96079b9901c8724b52c1ecb2958d2?s=96&d=mm&r=g","caption":"Idan Zabari"}}]}},"_links":{"self":[{"href":"https:\/\/sec-it.co.il\/en\/wp-json\/wp\/v2\/posts\/1476","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/sec-it.co.il\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/sec-it.co.il\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/sec-it.co.il\/en\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/sec-it.co.il\/en\/wp-json\/wp\/v2\/comments?post=1476"}],"version-history":[{"count":0,"href":"https:\/\/sec-it.co.il\/en\/wp-json\/wp\/v2\/posts\/1476\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/sec-it.co.il\/en\/wp-json\/wp\/v2\/media\/2003"}],"wp:attachment":[{"href":"https:\/\/sec-it.co.il\/en\/wp-json\/wp\/v2\/media?parent=1476"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/sec-it.co.il\/en\/wp-json\/wp\/v2\/categories?post=1476"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/sec-it.co.il\/en\/wp-json\/wp\/v2\/tags?post=1476"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}