You’ve heard it time and time again: you need a strong password to keep your online accounts safe. Creating complex passwords can be complicated to remember, thats why having a password manager is crucial to remembering all your different passwords without the fear of forgetting your password or risking using an easy password which is guessable to hackers.

Anat Kleinmann, AlgoSec Sr. Product Manager and IaC expert, discusses how incorporating Infrastructure-as-Code into DevSecOps can allow teams to take a preventive approach to secure application connectivity.

Ransomware has been around for a long time — since 1989 — but has scaled up significantly since 2016. Author’s from Accenture and Google Cloud, in addition to our very own Vandana Verma Sehgal (from the Snyk Security Relations Team), recently released a white paper, Ransomware State of Mind: How to Better Protect Your Business, which details the current state of ransomware and solutions to address this growing problem.

U.S. Sen. Mark Warner (D-Va.) issued the 35-page report Cybersecurity on Patient Safety on November 3, which called the ongoing transition to better cybersecurity for the healthcare sector as being painfully slow and inadequate. This is despite the fact the healthcare sector is uniquely vulnerable to cyberattacks.

Cloud adoption is vastly increasing. Right now, 9o% of businesses are using or plan to use a multi-cloud environment. While the cloud, which refers to internet-accessed servers that are not directly managed by the business, can help organizations scale in a cost-effective manner, they also create new cybersecurity risks.

Kubernetes is a very complex product where creating and managing clusters requires a great deal of knowledge on a wide range of topics. The introduction of managed clusters brought simplicity to the process allowing users to focus on extracting the most out of the system. One of the areas of most interest and different configurations is authentication and authorization. In authentication, the main objective, and most critical of all, is to ensure the identity and validity of users and machines.

“If you fail to plan, you plan to fail,” said Benjamin Franklin. These words cannot be overstated in most business fields, especially when it comes to automation. Process automation has the potential to enhance operations in most organizations, but problems can emerge when they don’t plan and strategize around their automation objectives.

As the healthcare industry becomes more digitally inclined, there’s a need for systems to be put in place to avoid breaches in the security of data records. Most healthcare organizations are already embracing the DevOps (Development and Operations) model, but unfortunately, security seems to be neglected, resulting in data breaches and numerous cyber attacks on software and mobile applications.

Have you ever walked up to an ATM after another person finished with the machine only to find they left it on a prompt screen asking, “Do you want to perform another transaction?” I have. Of course, I did the right thing and closed out their session before beginning my own transaction. That was a mistake an individual made by careless error which could have cost them hundreds of their own currency.

NPM security has been a trending topic in the media in recent years, mostly in reference to npm packages available on the ecosystem rather than the npm registry itself. The increasing security risk, that applies to developers and software we build, makes it even more important to understand how to prevent supply chain attacks and other security vulnerabilities related to software development life cycle.