Vonage Integrates WhiteSource with GitHub
Vonage automates open source security using developer-focused tools within their native development environment.
Security | Threat Detection | Cyberattacks | DevSecOps | Compliance
The Latest Cybersecurity News & Insights From Around The World
Case Study
How a Microsoft Engineer Implemented Veracode for a Large Azure Project
With the need to produce innovative software faster than ever, and cyberattacks not slowing down, it’s no surprise that, for projects large and small, ensuring the security of your code at every step is key. But if software engineers want to meet these everyday demands with success, it’s important to understand how different security scanning types fit in throughout the development process, and how the needs of your team might impact scans.
Devo Customer Story: Panda Security
Watch this customer story to see how Panda Security, an endpoint protection company, leverages Devo to rapidly collect and analyze a wide range and large volume of security data. Devo offers Panda a SaaS-based security analytics solution that easily scales to meet its growing customer base. Panda seamlessly integrates Devo into its own products, providing customers out-of-the-box analytics and insights, freeing Panda to focus on what it does best, malware detection.
Shifting security left while building a Cloud Native bank
Building a digital bank requires a unique combination of agility and speed while maintaining the highest level of security. Lunar, a digital challenger bank in the Nordics, has always had technology and agility as a differentiator. Lunar was built for the cloud, with Cloud Native principles, such as microservices, containers, and container orchestration amongst others. In this presentation Kasper will present some insights into the principles on which the Lunar infrastructure was built on, the continuous focus on security, and how application security is shifting left and becoming a developer concern.
Snyk chats with Shutterstock about building a DevSecOps culture
While it’s relatively easy to buy modern security tools, the culture of a company can have an enormous impact on the successful rollout of new security processes. In fact, one of the greatest hurdles for implementing a DevSecOps approach to application security is company-wide adoption.
Case Study - Online Skimming Attack Facilitated by Work-From-Home Arrangements
In May 2020, Kroll was contacted by a purveyor of high-end meats after receiving several customer complaints of potentially fraudulent credit card activity. The fraud allegations were raised after several customers observed unauthorized transactions on their credit cards shortly after placing orders through the purveyor’s e-commerce website. Kroll quickly assigned one of their seasoned Payment Card Industry (PCI) forensics investigators to review and investigate the matter.
How Twilio Scaled through Dev-First Security and DevSecOps
As more organizations leverage cloud native technologies such as Kubernetes, IaC, containers and serverless – shifting left and adopting DevSecOps is a must-do. But how does it actually work in practice? Meet Twilio; a billion dollar unicorn that has mastered dev-first security. In this session, you’ll hear from Twilio’s Head of Product Security on how he built and runs an application security program that maintains high velocity outputs.
Deploying Elastic to further strengthen IT security at TierPoint
TierPoint is a leading provider of secure, connected data center and cloud solutions at the edge of the Internet with thousands of customers. At TierPoint, I’m responsible for maintenance and development of the information security program, which includes threat analytics, incident response, and digital forensics. We’re constantly looking for new and even more effective ways to aggregate, process, and make decisions from massive amounts of data streaming in from diverse sources.
Scaling OPA: How SugarCRM, Atlassian and Netflix Unified Authorization across the Stack
Open Policy Agent (OPA), now a graduated project from the Cloud Native Computing Foundation, has become the open-source tool of choice for millions of users, who leverage it as a standard building block for policy and authorization across the cloud-native stack. Given the flexibility of OPA — with practically limitless deployment options — it has been adopted for dozens of use cases across hundreds of companies.
Yieldstreet protects PII in Slack with Nightfall DLP
Yieldstreet is an alternative investments platform that strives to democratize access to financial products historically only available to institutional investors. With Yieldstreet, there are investment opportunities available to both accredited and non-accredited investors looking to invest in funds in the litigation finance, marine finance, and art finance asset classes.