Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Security

What is cybersecurity testing? Reviewing testing tools, methodologies for proactive cyber readiness

This article was written by an independent guest author. Your organization may boast all the best cybersecurity hardware, software, services, policies, procedures and even culture. If this is the case, you’re way ahead of the curve. But no matter how confident you are about your overall cybersecurity posture, how can you really know? Knowing is where cybersecurity testing comes in.

Zero Trust policies - Not just for humans, but for machines and applications too

Hackers are continually finding more and more pathways into an organization’s internal environment. Not only is access widely available, it can also be alarmingly simple. Rather than having to actively hack systems, hackers often just log in using easily-obtained or compromised user identities and credentials.

Using OPA for multicloud policy and process portability

How Open Policy Agent allows developer teams to write and enforce consistent policy and authorization across multicloud and hybrid cloud environments As multicloud strategies become fully mainstream, companies and dev teams are having to figure out how to create consistent approaches among cloud environments.

Best Practices for Securing Modern Cloud Native Applications with ActiveCampaign CISO

The benefits of cloud native development are undeniable – from rapid deployments to scaling operations. However, modern cloud native applications both solve and introduce new security risks at each layer of the application. Join Chaim Mazal, ActiveCampaign CISO, as he shares his experience in the cloud native space and offers tips for others. Mazal will discuss how he transformed ActiveCampaign’s security approach at each layer of stack – including 3rd dependencies, containerization, and infrastructure as code. Join us to learn the key strategies and unique insight for securing cloud native applications.

Getting started with Kubernetes audit logs and Falco

As Kubernetes adoption continues to grow, Kubernetes audit logs are a critical information source to incorporate in your Kubernetes security strategy. It allows security and DevOps teams to have full visibility into all events happening inside the cluster. The Kubernetes audit logging feature was introduced in Kubernetes 1.11.

1Password Developer Fireside Chat: Introduction to Rust Macros

Senior Developer, Nathan West, shares an introduction to Rust macros, and discusses token trees, metavariable types, and pattern repetition. He’s joined by 1Password Co-Founder Dave Teare, Senior Developers Matias Bueno, Mathieu Letendre-Jauniaux, and Ricky Hosfelt, along with Senior Staff Developer Mitchell Cohen in the first installment of the 1Password Developer Fireside Chat series.

SaaS Design Principles with Kubernetes

It seems like nowadays, every company is a SaaS company. We’ve even begun stratifying by what is sold, replacing the “software” in SaaS to whatever the product’s core competency is, search-as-a-service, chat-as-a-service, video-as-a-service. So, when we, at Teleport, set sail for the cloud after years of successfully navigating on-prem software, we came in with a different set of experiences.

Teramind vs. Veriato | 2021 Feature Comparison

An apples to apples comparison between Teramind and Veriato is difficult because they follow slightly different approaches when it comes to bundling product features and offerings. We’ve chosen the two most similar employee monitoring packages between the two solutions to compare. Teramind’s package, called Teramind UAM packs all the features you would expect from a modern employee monitoring solution like monitoring, recording, detection and activity control.

Best Practices for Writing Secure Java Code

Every Java developer should follow coding standards and best practices to develop secure Java code. It is critical your code is not vulnerable to exploits or malicious attacks. In recent times, even big organizations like eBay, the CIA, and the IRS have fallen victim to vulnerabilities in their applications that have been discovered and exploited by attackers. The following guidelines provide a solid foundation for writing secure Java code and applications.