DevOps

Deceptive 'Vibranced' npm Package Discovered Masquerading as Popular 'Colors' Package

Apr 17, 2023 By Tom Abai In Mend

A new malicious package has been detected on the Node Package Manager (npm) repository that poses a significant threat to users who may unknowingly install it. Named ‘Vibranced,’ the package has been carefully crafted to mimic the popular ‘colors’ package, which has over 20 million weekly downloads.

Read Post

Mend

Read more about Deceptive 'Vibranced' npm Package Discovered Masquerading as Popular 'Colors' Package

The Lemontech story - GitGuardian customer stories

Apr 16, 2023 By GitGuardian In GitGuardian

A few weeks ago, we had the pleasure of exchanging with Ezequiel Rabinovich, Lemontech's CTO, about how his teams use GitGuardian to protect their repositories. Lemontech is a company developing software for the legal industry based in Santiago, Chile. It serves more than 1,300 customers in Latin America. Ezequiel supervises a team of about 30 developers and 4 DevOps engineers for approximately 150 employees. They use GitHub for source control management, and their organization has 350 repos, 130 of which are active.

View Video

GitGuardian

Read more about The Lemontech story - GitGuardian customer stories

New Service Offering to Manage and Run Velero Backups at Enterprise Scale

Apr 14, 2023 By Bob Adair In CloudCasa

It’s spring again, and as the weather warms, the birds sing, and the flowers bloom, our thoughts here at Catalogic have turned to yet another major CloudCasa feature update! Our engineering team has (as they like to frequently point out) exceeded all reasonable expectations once again by delivering a veritable cornucopia of new features.

Read Post

CloudCasa

Read more about New Service Offering to Manage and Run Velero Backups at Enterprise Scale

Improving cloud security posture with infrastructure-as-code

Apr 13, 2023 By Monika Chakraborty In Synopsys

With ever-increasing application architecture complexity, infrastructure-as-code is your key to boosting your cloud security posture.

Read Post

Synopsys

Read more about Improving cloud security posture with infrastructure-as-code

The importance of platform engineers in a security program

Apr 13, 2023 By Elliott Spira In Snyk

Platform engineers need to be empowered in an organization’s security program. Their work has huge leverage over a product's security posture, arguably as great an impact (some would even say greater) than application vulnerabilities. Despite the significance of the impact of their work, their role in security programs remain ill-defined.

Read Post

Snyk

Read more about The importance of platform engineers in a security program

Best Practices for Securing Infrastructure as Code (IaC) in the DevOps SDLC [cheat sheet included]

Apr 13, 2023 By Guest Expert In GitGuardian

Discover the best practices and tools to secure your infrastructure as code (IaC) throughout the DevOps software development lifecycle. From threat modeling to monitoring, this comprehensive guide offers valuable insights to improve the security, reliability, and consistency of your IaC.

Read Post

GitGuardian

Read more about Best Practices for Securing Infrastructure as Code (IaC) in the DevOps SDLC [cheat sheet included]

Kubernetes 1.27 Release: Enhancements and Security Updates

Apr 13, 2023 By Craig Box In ARMO

The Kubernetes 1.27 release brings multiple enhancements and security updates, providing users with an improved, more flexible, and secure platform for building and managing containerized applications. This post will provide an overview of the security-related updates and most significant enhancements in v1.27.

Read Post

ARMO

Read more about Kubernetes 1.27 Release: Enhancements and Security Updates

Styra Load: Using Data From Kafka for Real time Policy Decisions

Apr 12, 2023 By Styra In Styra

Styra Load supports the Kafka API, which makes it possible to stream data updates to Styra Load. This can be useful when events representing changes to data used in policy evaluation are available on a Kafka topic. Here, Adam Sandor explains how you can use Kafta streaming data to make real-time policy decisions.

View Video

Styra

Read more about Styra Load: Using Data From Kafka for Real time Policy Decisions

Live Impact Analysis with Styra Load: How to Not Break Production

Apr 12, 2023 By Styra In Styra

Styra Load allows you to assess the impact of policies against your current production resources. Here, Adam Sandor shows you how to use Live Impact Analysis to full effect — helping you to enforce robust policy without impacting production.

View Video

Styra

Read more about Live Impact Analysis with Styra Load: How to Not Break Production

Pycharm Integration

Apr 12, 2023 By Mend In Mend

Are you using JetBrains Pycharm IDEA? Mend.io can integrate with your IDE and quickly detect open source artifacts and their known vulnerabilities. Mend.io also provides all the information you need to fix these artifacts automatically.

View Video

Mend

Read more about Pycharm Integration

Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

DevOps

Deceptive 'Vibranced' npm Package Discovered Masquerading as Popular 'Colors' Package

The Lemontech story - GitGuardian customer stories

New Service Offering to Manage and Run Velero Backups at Enterprise Scale

Improving cloud security posture with infrastructure-as-code

The importance of platform engineers in a security program

Best Practices for Securing Infrastructure as Code (IaC) in the DevOps SDLC [cheat sheet included]

Kubernetes 1.27 Release: Enhancements and Security Updates

Styra Load: Using Data From Kafka for Real time Policy Decisions

Live Impact Analysis with Styra Load: How to Not Break Production

Pycharm Integration

Monthly Archive

Follow Us