The 2022 Gartner® Critical Capabilities for Application Security Testing report provides useful guidance for teams wanting to build an AppSec program optimized for their business needs. There are two cars in my driveway right now. One was built in 1978, and what’s great about it is how easy it is to work on. It’s a simple vehicle, and most repairs can be performed with only a half-dozen tools: two screwdrivers, three wrenches, and a hammer (you always need a hammer).

Supply chain security has received a lot of attention in recent years. And rightly so. Software vulnerability exploitation attacks have been a key tool in the hands of the hackers to hamper businesses, compromise sensitive data, and a cause of general sense of fear around open source software.

Stephen Chin is no stranger to having big ideas and implementing them to help the developer community. In the last twenty years he’s been involved in building open source IDEs, bootstrapping rich client libraries, maintaining JVM languages, and cultivating relationships with developers that do the same.

Today at swampUP, our annual DevOps conference, JFrog CTO Yoav Landman unveiled the next step toward making the Liquid Software vision of continuous, secure updates a truly universal reality. We’ve introduced JFrog Connect, a new solution designed to help developers update, manage, monitor, and secure remote Linux & Internet of Things (IoT) devices at scale.

It was a busy week last week at KubeCon +CloudNativeCon Europe 2022 in Valencia, Spain. It seemed like the entire world related to Kubernetes came together after two years of being apart. It was fulfilling meeting up with our peers and gaining market insight- face-to-face. Catalogic’s core messaging this year has revolved around cyber-resilience for data protection.

Drawing on over three decades’ experience in penetration testing for global organisations of all sizes, this webinar outlines some of the most common attack methods in use today and shares effective approaches for tackling them. The session on will detail the most effective security controls to prevent and mitigate common types of cyber-attacks.

There is a sight gag that has been used in a number of movies and TV comedies that involves an apartment building lobby. It shows how people who don’t live there, but who want to get in anyway, such as Girl Guides looking to sell cookies to the tenants – simply run their fingers down every call button on the tenant directory, like a pianist performing a glissando, knowing that at least one of the dozens of apartments being buzzed will let them in simply out of reflex or laziness.

Securing your software supply chain requires proactively identifying compliance issues and security vulnerabilities early in your software development lifecycle. Additionally early detection must be coupled with an organized and agile method of response that brings together developers, operations and SRE teams to accelerate remediation workflows across the organization.

In 2022, JFrog and ServiceNow engaged in a series of meaningful conversations around the state of DevSecOps and how the industry could benefit from tighter integrations with IT-Operations tools.

Did you hear the news? Graylog is on a mission to help make your IT environment and data more efficient and secure by making it super easy to uncover the answers stored in your machine data. At Graylog, coming up with solutions to problems faced by IT and Security professionals is what drives us. Our teams are always working on ways to add meaningful functionality that increases productivity so you can focus your resources on the innovation and core competencies that you’re known for.