Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

February 2024

Sponsored Post
kondukto

Running DAST in CI/CD for Regression Testing

Feb 29, 2024 By Andreas Wiese In Kondukto
In the fast-paced field of software development, ensuring applications remain functional and secure through updates is essential. Regression testing, which checks that new code doesn't harm existing features, is key. Dynamic Application Security Testing (DAST) tools play a crucial role here. They identify security flaws in active web applications. This article explores the importance of DAST tools, integration, and enhancement in regression testing.
Read Post
kondukto

Microsoft Azure CLI affected by CVE-2022-39327

Feb 28, 2024 By Kondukto Security Team In Kondukto
CVE-2022-39327 is a code injection vulnerability that affects the command-line interface for Microsoft Azure (Azure CLI). The vulnerability allows an attacker to execute arbitrary commands on a Windows machine that runs an Azure CLI command with untrusted parameter values. The vulnerability was discovered by GitHub Security Lab and reported to Microsoft on October 7, 2022. Microsoft released a patch for the vulnerability on October 25, 2022, in version 2.40.0 of the Azure CLI.
Read Post
kondukto

Splunk Enterprise affected by CVE-2023-40598

Feb 5, 2024 By Kondukto Security Team In Kondukto
This is an overview of the CVE-2023-40598 vulnerability, which affects Splunk Enterprise versions below 8.2.12, 9.0.6, and 9.1.1. We will explain the nature of the vulnerability, how it can be exploited, and how it can be fixed. We will also provide code examples, links to web pages with valuable information, and tips on how to prevent similar vulnerabilities in the future.
Read Post

Copyright © 2024 OpsMatters™. All rights reserved.