Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Security

synopsys

Open source license compliance and dependencies: Peeling back the licensing layers

May 11, 2021 By Matt Jacobs In Synopsys

How can you successfully navigate open source license compliance? Start with the right tools to identify your dependences and calculate their risks. What if you have an open source software package licensed under a permissive license like the Apache or MIT, but inside that package are dependencies licensed under a restrictive license like the General Public License (GPL)? What are some best practices to follow?

Read Post
splunk

A Threat As Old As The Internet: Why We Still Care About Malware (And Why You Should Too)

May 11, 2021 By Yassir Abousselham In Splunk

Every career has defining moments. Most are spread out over years or even decades, but the cybersecurity world has had two career-defining moments just in the past year. It started with the global shutdown due to the COVID-19 pandemic. Overnight, many organizations were forced to support employees working remotely. CISOs, like me, were expected to keep both our company and its employees safe in a completely unpredictable world.

Read Post
jfrog

What's New with JFrog Xray and DevSecOps

May 11, 2021 By Paul Garden In JFrog

As we look to improve the quality and capabilities of the JFrog DevOps Platform, especially in the world of DevSecOps, we have added powerful new features to further enhance the award-winning JFrog Xray. The capabilities detailed below cement Xray’s position as a universal software composition analysis (SCA) solution trusted by developers and DevSecOps teams globally to quickly and continuously identify open source software vulnerabilities and license compliance violations.

Read Post
jumpsec

Evaluating The Risk Posed By Ransomware Threats

May 11, 2021 By JUMPSEC In JUMPSEC

Arguably the greatest threat to organisations in 2021 is ransomware. Ransomware attacks proliferated in 2020, increasing by 435% compared to 2019. The number of ransoms paid has also increased from 39% in 2018 to 58% in 2020 (the figure is likely to be even higher when factoring in those organisations that have not disclosed whether a ransom has been paid).

Read Post
Snyk

Trend Micro launches Cloud One Open Source Security powered by Snyk

May 10, 2021 By Geva Solomonovich In Snyk

Last summer, we announced our plan to expand our partnership with Trend Micro to provide security operations teams visibility and tracking of vulnerabilities and license risks in open source components. The long-standing partnership already includes container image security scanning that leverages Snyk’s proprietary vulnerability database.

Read Post

Hack my misconfigured Kubernetes at Kubecon Europe

May 10, 2021 By Snyk In Snyk
In the last few years, we’ve seen more and more responsibilities shift left – to development teams. With the widespread adoption of Kubernetes, we’re now seeing configurations become a developer issue first and foremost. This responsibility means that developers need to be aware of the security risks involved in their configurations.
View Video

The State of Infrastructure as Code Security at Kubecon Europe

May 10, 2021 By Snyk In Snyk
The adoption of infrastructure-as-code and configuration-as-code is soaring with the rising popularity of technologies like Kubernetes and Terraform. This means that designing and deploying infrastructure is a developer task, even if your “developer” is an infrastructure architect, and, just like application code, configurations can use test-driven methodologies to automate security prior to deployment.
View Video

Copyright © 2024 OpsMatters™. All rights reserved.