Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

DevOps

Complete guide to GitHooks - Creating your own pre-commit hooks

May 10, 2023 By GitGuardian In GitGuardian
GitHooks are a great way of automating tasks and checking information while using git. These hooks are both powerful surprisingly easy to create yourself. In this video tutorial we run through how git hooks work and create both local and global git hooks which can call an API, use grep to find keys and call local package.
View Video
jfrog

How a software supply chain platform streamlines DevOps best practices

May 9, 2023 By JFrog Team In JFrog

Today’s software developers are tasked with a lot more than just coding. To keep up with the fast-paced software-driven economy, they need to focus on automation, collaboration, security, distribution, data analysis, and agility to ensure quality builds and get releases to customers quickly and securely. DevOps and security professionals need a centralized system of records that provides visibility across the business.

Read Post
mend

What are Malicious Packages? How Do They Work?

May 9, 2023 By Carol Hildebrand In Mend

Software developers build approximately 80% of software applications using open-source code, which opens up a world of opportunity for today’s threat actors. Code package repositories such as npm and RubyGems allow anyone to store or publish packages, and unfortunately that can include packages containing malware. These are known as malicious packages — the malware of the software supply chain. As the name implies, a malicious package is software that is created with malicious intent.

Read Post
indusface

The Role of WAAP Platforms in the CI/CD Pipeline

May 8, 2023 By Phani Deepak Akella In Indusface
Most SaaS engineering teams use the CI/CD pipeline for software development. Since a CI/CD approach enables faster, more collaborative, and more efficient development processes, leading to higher-quality software. No wonder that this is popular. More frequent release cycles mean more opportunities for vulnerabilities to creep into the code. While DevOps teams are central to running a CI/CD pipeline, since application security is gaining importance, more engineering teams are adding DevSecOps teams.
Read Post

What are honey pots? Hacker explains why honey pots are so effective at catching security breaches

May 8, 2023 By GitGuardian In GitGuardian
Hacker Adriel Desautel explains why honey pots are such an effective tool to use against malicious threat actors. Adriel is a legendary personality in the security and hacking communities, today as the founder and CEO of Netraguard he, along with his team, conduct real world penetration tests on organizations of all sizes. This clip is part of an episode in The Security Repo Podcast where white hat hackers Noah Tongate and Adriel Desautel give real world advice on how to protect yourself against 'people like them'.
View Video

ChatGPT Data Breach Break Down

May 5, 2023 By GitGuardian In GitGuardian
OpenAi have confirmed they have had a data breach involving a vulnerability inside a open-source dependency Redis. This allowed threat actors to see history from other active users. But this leads to the bigger question, how can we secure ChatGPT. In this video I explain my position using some interesting data that ChatGPT should be part of all organizations threat landscape and that banning ChatGPT won't help the situation.
View Video

Copyright © 2024 OpsMatters™. All rights reserved.