
Application Security

The latest News and Information on Application Security including monitoring, testing, and open source.

ASPM Best Practices for Secure Success

The days when applications were monoliths built of proprietary code and releases were set quarterly are no more. Instead, they have been replaced by fast-paced development sprints, with software created using plenty of code from open-source repositories. The growing complexities of software development and the associated risks have far exceeded the abilities of traditional application security.

Introducing kntrl: Enhancing CI/CD Security with eBPF

CI/CD pipelines are formed by a series of steps that automate the process of software delivery. They integrate the practices of Continuous Integration (CI) and Continuous Delivery (CD) along with the tools, platforms, and repositories that enable them. Their goal is to simplify, streamline and automate large parts of the software development process.

Using webhooks to boost cloud-native application security

In the ever-evolving landscape of cloud-native applications built with containers and Kubernetes, webhooks serve as the communication backbone, facilitating seamless integration between various components, especially in the realms of security, networking, and troubleshooting. This is further amplified when combined with popular collaboration tools such as Jira and Slack.

Are your APIs secure? Try our new free tool: API Specification Evaluator

With the growing footprint of APIs, there is a strong need for secure-by-design APIs. A design blueprint of an API would be a helpful start in determining the security standard of an API. Fortunately, APIs have that blueprint, known as an OpenAPI Specification. API Specifications play a crucial role in ensuring the security and functionality of APIs.

Cloud Unfiltered with Ohad Maislish - Infra as Code - Episode 5

Ohad Maislish discusses cloud infrastructure, DevOps, and the evolution of cloud technologies. Ohad shares his journey from a geek interested in infrastructure to founding M0, focusing on how cloud computing is becoming code with tools like Terraform and Pulumi. They discuss the challenges of platform engineering, the importance of infrastructure as code, and the move towards empowering developers with self-service cloud infrastructure. The dialogue also touches on the significance of open-source projects and the impact of Terraform's licensing changes, leading to the creation of OpenTofu.

Cloud Unfiltered with Cory O'Daniel on DevOps vs. Platform Engineering - Episode 4

Cory O'Daniel, CEO of Massdriver, discusses his blog series, which contains the article entitled "DevOps is BS!". Find out why he and others are coming to the conclusion that this may be the case. Additionally, Cory discusses the need for a more consolidated approach to DevOps and how platform engineering may be the answer. Find out this and more in the latest episode of Cloud Unfiltered.

Supply Chain Security Snags

Picture a domino effect in the business world: one weak link in a supply chain triggers a cascade of disruptions. This is the reality of supply chain attacks, where a minor breach can escalate into a major crisis. It underscores the urgent need for robust security across the whole supply chain. Supply chain attacks represent a sophisticated threat to organizations, often involving multiple stages of exploitation.