Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

February 2023

synopsys

Take the pressure off coding for your developers

Feb 28, 2023 By Steven Zimmerman In Synopsys
IDE security plug-in tools like Code Sight can help shift security left without slowing down your development teams. In 2022, Synopsys commissioned the SANS Institute to examine how organizations achieved improvements in their security posture and operational effectiveness by aligning development, security, and operations teams around the cultural ideals, practices, and tools that make up the secure DevOps, or DevSecOps, methodology.
Read Post

DevSecOps toolchain

Feb 26, 2023 By Jit In Jit
Are you using security tools such as Semgrep, Prowler, KICS, Semgrep, OWASP ZAP, NPM-Audit, Ttivy or others as part of your DevSecOps Toolchain? How do you monitor or get reports from each one of those security tools? Do you implement and configure them manually across all your resources? Jit is an open DevSecOps Orchestration Platform; get your first scan in 5 minutes; you’ll enjoy a fix-focused, native developer experience and comprehensive AppSec visibility.
View Video

DevSecOps - Why, When & How?

Feb 22, 2023 By Apono In Apono
Delve into the responsibilities and importance of DevSecOps , and address several crucial aspects of DevSecOps, including the ideal timing for implementation, the responsibilities and qualifications of the team or individual responsible for managing the DevSecOps function, KPIs for evaluating success, and the direction in which the role of DevSecOps is evolving. Our Panelists: Alexander “Sasha” Barshay DevSecOps Team Lead @Qwilt Rom Carmel CEO @apono.io Heath Newburn Distinguished Field Engineer @Pagerduty Idan Pinto DevSecOps @fiverr.
View Video

Is it ODD to Shift Left? Building Elite DevSecOps Performers

Feb 8, 2023 By Sumo Logic In Sumo Logic
In today’s world, customers expect top-notch digital experiences. Apps that are slow, or leak sensitive data, will alienate even the most ardent users. This session will explore the underlying use cases for shifting security and observability left with two emerging practices, DevSecOps and Observability Driven Design.
View Video
datatrails

Tracking the transport of radioactive sources with blockchain

Feb 3, 2023 By Cindy Vestergaard In DataTrails

This week, Australian authorities recovered a tiny capsule, just 6mm x 8mm (0.24 x 0.31 inches) along a 900km section of Australia’s longest highway, the Great Northern Highway. The pea-sized capsule was a radiation gauge containing caesium-137, a radioactive material with a half-life of 30.05 years, that is used to measure the density and flow of materials in the mining, and oil and gas industries.

Read Post
chaossearch

5 Advanced DevSecOps Techniques to Try in 2023

Feb 2, 2023 By David Bunting In ChaosSearch
If you’re here, you know the basic DevSecOps practices like incorporating proper encryption techniques and embracing the principle of least privilege. You may be entering the realm of advanced DevSecOps maturity, where you function as a highly efficient, collaborative team, with developers embracing secure coding and automated security testing best practices.
Read Post
gitguardian

How to Bake Security into your CI/CD Pipeline

Feb 1, 2023 By GitGuardian In GitGuardian
According to IBM Security's "The Cost of a Data Breach Report", the global cost of data breaches in 2022 increased by 2.6% compared to previous year, reaching $4.35 million. The source code of major companies like Nvidia, Microsoft, Uber, Slack, Toyota was leaked, often caused by usage of hardcoded secrets (you can see more details in the infographics below). In those cases, lateral movements were compromising software supply chain security. In their report Gartner claims about 45% of companies should expect to become targets of supply chain attacks by 2025.
Read Post

Copyright © 2024 OpsMatters™. All rights reserved.