June 2021

DevSecOps is a practice. Make it visible

Jun 30, 2021 By JFrog In JFrog

Security should be embedded in DevOps by default, but for many organizations, it is not. Enter “DevSecOps”. What is DevSecOps? It is a practice to build more secure applications, secure the software factory, and secure cloud workloads. Because it is a practice it needs to be visible. In this session hear about the ways tech-enabled enterprises approach a DevSecOps practice, how they make it visible, and how Splunk + JFrog can accelerate your journey.

View Video

JFrog

Read more about DevSecOps is a practice. Make it visible

The Biggest DevSecOps Hits From swampUP 2021

Jun 24, 2021 By Paul Garden In JFrog

In the wake of recent events like the SolarWinds hack and the White House executive order on cybersecurity, DevSecOps and security are top-of-mind for most DevOps and security professionals. How to efficiently adapt or adopt a sound DevSecOps practice has become a priority, especially with the U.S. government’s impending mandate requiring software applications to be vetted, and to create a trusted Software Bill Of Materials (SBOM) for each one.

Read Post

JFrog

Read more about The Biggest DevSecOps Hits From swampUP 2021

Drive DevSecOps Visibility with JFrog Partner Integrations

Jun 23, 2021 By John Peterson In JFrog

If you need your teams to act, you need to alert them where they’re already looking. Yet yesterday’s DevOps practices demand individuals to wrangle with uncorrelated events, multiple UIs, and siloed technologies. Tomorrow’s DevOps must enable teams with: To practice DevSecOps, you’ll need to know where a vulnerable build has been deployed into production, and where to find the corrected build that should replace it.

Read Post

JFrog

Read more about Drive DevSecOps Visibility with JFrog Partner Integrations

Glaring Gap in Open Source Security: Veracode Finds 80 percent of Libraries Used in Software Are Never Updated

Jun 22, 2021 By Veracode In Veracode

Despite inherent risks of open source code, good software security posture still lacking. 69 percent of fixes are minor and won't break functionality of even the most complex software applications.

Read Post

Veracode

Read more about Glaring Gap in Open Source Security: Veracode Finds 80 percent of Libraries Used in Software Are Never Updated

How To Cyber Security: Put the Sec in DevOps with Intelligent Orchestration

Jun 16, 2021 By Jonathan Knudsen In Synopsys

DevSecOps is a team effort. Learn how to build security into DevOps to deliver secure, high-quality software faster using SAST and SCA software solutions. Modern software development is more of everything: more code, in more languages, on more platforms, with more deployment options. DevOps demands automation to maximize velocity and continuous improvement throughout process feedback. All this more also means more security risk.

Read Post

Synopsys

Read more about How To Cyber Security: Put the Sec in DevOps with Intelligent Orchestration

Upgrading DevSecOps with compliance automation - Bryan Langston, Mirantis

Jun 11, 2021 By Tigera In Tigera

Compliance automation is a commonly overlooked area of Kubernetes observability. The question is: how do you automate compliance to a security framework that isn’t well understood by DevSecOps teams to begin with? This lack of understanding contributes to mismanaged compliance efforts and in a worst-case scenario, audit exposures and organizational risk. This talk will walk through an example of how to 1) map compliance controls to specific Kubernetes technical configuration 2) automate the assessment of those controls 3) visualize the assessment results. DevSecOps teams will better understand how to incorporate compliance automation alongside security automation.

View Video

Tigera

Read more about Upgrading DevSecOps with compliance automation - Bryan Langston, Mirantis

A Team-Centric View of Security with Snyk and CloudBees

Jun 8, 2021 By Snyk In Snyk

How does a team-centric collaboration focus change how a team maintains the security of the code? In this fireside chat, Patrick Debois, Snyk Labs Researcher, joins Anders Wallgren, Vice President of Technology Strategy at CloudBees. to explore this theme. They discuss what's new and changing with application security and what have we learned from DevOps that organizations can and should apply to DevSecOps.

View Video

Snyk

Read more about A Team-Centric View of Security with Snyk and CloudBees

What Is DevSecOps and How To Implement It

Jun 8, 2021 By Emily Heaslip In Nightfall

DevSecOps follows the same trend as Agile and DevOps: how can developers create software that’s better, faster, and less expensive? The DevSecOps motto — “software, safer, sooner” adds the missing piece to the latest approach to quicker product development. Security, previously an afterthought in the product development lifecycle, is now becoming an integral part of the process.

Read Post

Nightfall

Read more about What Is DevSecOps and How To Implement It

Digging Into AppBoundDomains in iOS

Jun 3, 2021 By Jared Carlson In Veracode

iOS 14 issued a number of changes, as every new release does. But one area where Apple clearly spent a fair amount of time is in their WebViews. Traditionally, UIWebView was the class de jour when a developer wanted to present a web page. In iOS 14 though, UIWebView was officially deprecated in favor of WKWebView.

Read Post

Veracode

Read more about Digging Into AppBoundDomains in iOS

Veracode Named A Leader In 2021 Gartner Magic Quadrant For Application Security Testing For Eighth Consecutive Time

Jun 1, 2021 By Veracode In Veracode

Global AppSec provider also achieves highest scores in 2021 Gartner Critical Capabilities for Enterprise and Public-Facing Web Applications.

Read Post

Veracode

Read more about Veracode Named A Leader In 2021 Gartner Magic Quadrant For Application Security Testing For Eighth Consecutive Time

Veracode Named a Leader in 2021 Gartner Magic Quadrant for Application Security Testing

Jun 1, 2021 By Elana Anderson In Veracode

Veracode has been named a Leader in the 2021 Gartner Magic Quadrant for Application Security Testing (AST) for the eighth consecutive year. Gartner evaluates vendors based on their completeness of vision and ability to execute in the application security testing (AST) market. This recognition comes just months after we were named Gartner Peer Insights Customers’ Choice for AST, proving, in our opinion, the strength of our AST offerings according to both experts and users.

Read Post

Veracode

Read more about Veracode Named a Leader in 2021 Gartner Magic Quadrant for Application Security Testing

Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

June 2021

DevSecOps is a practice. Make it visible

The Biggest DevSecOps Hits From swampUP 2021

Drive DevSecOps Visibility with JFrog Partner Integrations

Glaring Gap in Open Source Security: Veracode Finds 80 percent of Libraries Used in Software Are Never Updated

How To Cyber Security: Put the Sec in DevOps with Intelligent Orchestration

Upgrading DevSecOps with compliance automation - Bryan Langston, Mirantis

A Team-Centric View of Security with Snyk and CloudBees

What Is DevSecOps and How To Implement It

Digging Into AppBoundDomains in iOS

Veracode Named A Leader In 2021 Gartner Magic Quadrant For Application Security Testing For Eighth Consecutive Time

Veracode Named a Leader in 2021 Gartner Magic Quadrant for Application Security Testing

Monthly Archive

Follow Us