Application Security

The latest News and Information on Application Security including monitoring, testing, and open source.

Cloud Unfiltered with Nick Eberts - Complexity of Fleet Management - Episode 6

Mar 19, 2024 By Panoptica In Panoptica

Nick Eberts sits down with host Michael Chenetz to discuss platform engineering, fleet management and cloud-native security on this episode of Cloud Unfiltered. Outshift is Cisco’s incubation engine, innovating what's next and new for Cisco products and sharing our expertise on emerging technologies. Discover the latest on cloud native applications, cloud application security, generative AI, quantum networking and security, future-forward tech research, our latest open source projects and more.

View Video

Panoptica

Read more about Cloud Unfiltered with Nick Eberts - Complexity of Fleet Management - Episode 6

Security Debt: A Growing Threat to Application Security

Mar 18, 2024 By Jenny Buckingham In Veracode

Security debt is a major and growing problem in software development with significant implications for application security, according to Veracode's State of Software Security 2024 Report. Let’s delve a bit deeper into the scope and risk of security debt, and gain some insights for application security managers to effectively address this challenge. Security debt refers to software flaws that remain unfixed for a year or more.

Read Post

Veracode

Read more about Security Debt: A Growing Threat to Application Security

AI - Boon or Bane for Appsec

Mar 18, 2024 By Veracode In Veracode

Are you ready to dive into the world of application security and artificial intelligence? Watch the exclusive talk by the renowned Julian Totzek Hallhuber, Solutions Architecture Manager at Veracode, during Mind the Sec 2023 in Brazil. In this engaging talk, Julian explores the advantages and disadvantages of using AI in the AppSec landscape and discovers how AI is revolutionizing the way we protect our applications from constantly evolving cyber threats.

View Video

Veracode

Read more about AI - Boon or Bane for Appsec

Introducing kntrl: Enhancing CI/CD Security with eBPF

Mar 14, 2024 By Cenk Kalpakoğlu In Kondukto

CI/CD pipelines are formed by a series of steps that automate the process of software delivery. They integrate the practices of Continuous Integration (CI) and Continuous Delivery (CD) along with the tools, platforms, and repositories that enable them. Their goal is to simplify, streamline and automate large parts of the software development process.

Read Post

Kondukto

Read more about Introducing kntrl: Enhancing CI/CD Security with eBPF

Using webhooks to boost cloud-native application security

Mar 14, 2024 By Davide Sellitri In Tigera

In the ever-evolving landscape of cloud-native applications built with containers and Kubernetes, webhooks serve as the communication backbone, facilitating seamless integration between various components, especially in the realms of security, networking, and troubleshooting. This is further amplified when combined with popular collaboration tools such as Jira and Slack.

Read Post

Tigera

Read more about Using webhooks to boost cloud-native application security

Are your APIs secure? Try our new free tool: API Specification Evaluator

Mar 14, 2024 By Rami H. In Panoptica

Test API specification With the growing footprint of APIs, there is a strong need for secure-by-design APIs. A design blueprint of an API would be a helpful start in determining the security standard of an API. Fortunately, APIs have that blueprint known as an OpenAPI Specification. API Specifications play a crucial role in ensuring the security and functionality of APIs.

Read Post

Panoptica

Read more about Are your APIs secure? Try our new free tool: API Specification Evaluator

AppSec Decoded: Three ways to successfully implement security in DevSecOps | Synopsys

Mar 11, 2024 By Synopsys In Synopsys

Proper planning and implementation of security into DevSecOps includes organizational alignment, more frequent testing of critical apps, and fostering a security culture with developer security training.

View Video

Synopsys

Read more about AppSec Decoded: Three ways to successfully implement security in DevSecOps | Synopsys

Cloud Unfiltered with Ohad Maislish - Infra as Code - Episode 5

Mar 11, 2024 By Panoptica In Panoptica

Ohad Maislish discussed cloud infrastructure, DevOps, and the evolution of cloud technologies. Ohad shares his journey from a geek interested in infrastructure to founding M0, focusing on how cloud computing is becoming code with tools like Terraform and Pulumi. They discuss the challenges of platform engineering, the importance of infrastructure as code, and the move towards empowering developers with self-service cloud infrastructure. The dialogue also touches on the significance of open-source projects and the impact of Terraform's licensing changes, leading to the creation of OpenTofu.

View Video

Panoptica

Read more about Cloud Unfiltered with Ohad Maislish - Infra as Code - Episode 5

Cloud Unfiltered with Cory O'Daniel on DevOps vs. Platform Engineering - Episode 4

Mar 7, 2024 By Panoptica In Panoptica

Cory O'Daniel, CEO of Massdriver discusses his blog series, which contains the article entitled "DevOps is BS!". Find out why he and others are coming to the conclusion that this may be the case. Additionally, Cory discusses the need for a more consolidated approach to DevOps and how platform engineering may be the answer. Find Out: Find out this and more in the latest episode of Cloud Unfiltered.

View Video

Panoptica

Read more about Cloud Unfiltered with Cory O'Daniel on DevOps vs. Platform Engineering - Episode 4

Supply Chain Security Snags

Mar 7, 2024 By Andreas Wiese In Kondukto

Picture a domino effect in the business world: one weak link in a supply chain triggers a cascade of disruptions. This is the reality of supply chain attacks, where a minor breach can escalate into a major crisis. It underscores the urgent need for robust security across the whole supply chain. Supply chain attacks represent a sophisticated threat to organizations, often involving multiple stages of exploitation.

Read Post