Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Security

alienvault

7 key steps to Zero Trust

Apr 16, 2020 By Derrick Johnson In AT&T Cybersecurity

This is part 3 of a 3 part blog series My last two blog entries provided some key elements of a Zero Trust Network (ZTN), which focused on the tenets of zero trust and how the confidence is gained for untrusted traffic and authorized on a continual basis. The comprehensive nature of Zero Trust can be a little overwhelming in a world of limited resources, time and budgets.

Read Post
detectify

Detectify security updates for 16 April

Apr 16, 2020 By Detectify In Detectify

For continuous coverage, we push out major Detectify security updates every two weeks, keeping our tool up-to-date with new findings, features and improvements sourced from our security researchers and Crowdsource ethical hacker community. Due to confidentially agreements, we cannot publicize all security update releases here but they are immediately added to our scanner and available to all users. This post highlights a few things that we have improved in the last two weeks.

Read Post
mend

Open Source Analysis Extends Your Visibility

Apr 16, 2020 By Julie Peterson In Mend

When we think of open source analysis, security is often the first thing that comes to mind. But open source analysis is so much more than just security. It gives you visibility into your codebase to help you understand and manage your open source components. In this blog, we’ll define open source analysis, look at why it’s important to your business, and describe the characteristics of an effective open source analysis framework.

Read Post

Predict 2020 - Developers Do Security

Apr 16, 2020 By Mend In Mend
Amid all the talk of shifting left, mingling the DevOps and Security tribes and how can we do code better, faster and with more quality a funny thing happened. Security vendors are developing security tools for devs and DevOps. The security team still pays for them, but they won't buy them without Dev and DevOps buy in. What does this mean for 2020? Will we see better "quality (codeword for security)" in our apps? What should security teams be doing to make this happen? What should Devs and DevOps teams do to adopt these new developer-friendly tools? Is 2020 the year DevSecOps makes a difference?
View Video

How SAP Integrates License Compliance & Security Into Their DevOps Pipeline

Apr 16, 2020 By Mend In Mend
Gone are the days where open source components were only used by individual developers, start-ups or small corporations. Today, even the biggest corporate giants have realized the numerous benefits open source usage brings, thereby openly embracing this as part of their software to help them focus their efforts and push more code out of the door faster.
View Video

Panel Discussion: Cloud Security - Keeping Serverless Data Safe

Apr 16, 2020 By Mend In Mend
The push to the cloud has introduced a previously unknown level of agility to many organizations, but sometimes at the expense of data security. Human error often is the cause of cloud security blunders, putting sensitive data at risk and causing real damage to companies in terms of financial liability and loss of reputation. This webinar discusses some of the more overlooked aspects of cloud security and offers up some best practices for ensuring data in the cloud is truly secure.
View Video

Demystifying PCI Software Security Framework: All You Need to Know for Your AppSec Strategy

Apr 16, 2020 By Mend In Mend
The Payment Card Industry (PCI) Security Standards Council recently released a new security framework to replace the previous standard (PCI PA-DSS). The new framework is set to better address the changes that the software development industry has seen in the past few years. Agile and DevOps methodologies, cloud and containerized environments and widespread open source usage have become the new normal and with this, present new AppSec challenges. To ensure that users of payment apps remain safe, the new framework aims to lay a substantial value on continuous application security.
View Video

Whitesource and CircleCI Orbs: Secure your CI/CD Pipelines from Start to Finish

Apr 16, 2020 By Mend In Mend
Open source software components play an important role by providing us with the building blocks of our products. However, even as we enjoy the benefits of open source components, they are not without their challenges, especially when it comes to security vulnerabilities.
View Video
styra

The origin of Open Policy Agent and Rego

Apr 16, 2020 By Tim Hinrichs In Styra

Why the cloud-native architecture required a new policy language I recently started a new series on the Open Policy Agent (OPA) blog on why Rego, OPA’s policy language, looks and behaves the way it does. The blog post dives into the core design principles for Rego, why they’re important, and how they’ve influenced the language. I hope it will help OPA users better understand the language, so they can more easily jump into creating policy of their own.

Read Post

Copyright © 2024 OpsMatters™. All rights reserved.