Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

DevOps

GitGuardian Teams - Role-base Access Management

Mar 29, 2023 By GitGuardian In GitGuardian
At GitGuardian, we work with customers of all sizes, some with many dozens of AppSec team members supporting tens of thousands of developers. The larger and more sophisticated the organization, the more they rely on Role-based Access Management to best administer user permissions. On the GitGuarian platform, we call this feature Teams. Sign up for a free trial of the business plan today to see how Teams can improve your remediation workflow.
View Video

GitGuardian Playbooks - Auto-Granting Access To Incidents

Mar 29, 2023 By GitGuardian In GitGuardian
At GitGuardian, we know that time can be a critical factor when any incident involving secrets occurs. That's why our platform allows you to quickly and easily automate parts of your incident response. We call these automations "Playbooks". Our Auto-access granting playbook grants the right access to the right developers so they can work on the issue as soon as possible.
View Video
styra

Enforcing Role-based Access Control (RBAC) Policies with OPA

Mar 28, 2023 By Charlie Egan In Styra

A common use case our customers have for Open Policy Agent (OPA) is access control. The problem of access control is generally broken down into two parts, authentication and authorization. Authentication is about making sure we can trust someone’s stated identity, authorization is making decisions about who can do what.

Read Post
armo

Securing your CI/CD pipelines: How GitHub Actions can Help

Mar 28, 2023 By Oshrat Nir In ARMO
This post discusses how GitHub Actions can enhance the security of CI/CD pipelines by automating security-related tasks and providing integration with other security tools, version control, access control, and auditing. These days, security has become more important than ever in software development processes. With cyberattacks becoming increasingly frequent and sophisticated, organizations must prioritize security throughout their software development lifecycle to protect their systems, data, and users.
Read Post

Multi-layered Zero Trust with Yash Kosaraju

Mar 24, 2023 By Teleport In Teleport
For this 18th episode of Access Control Podcast, a podcast providing practical security advice for startups, Developer Relations Manager at Teleport Ben Arent chats with Yash Kosaraju. Yash is Chief Security Officer at @Sendbird Sendbird's mission is to build connections in a digital world, providing APIs and services for chat products with API and tools to integrate into apps. This episode dives into how teams can build multi-layered security systems to go beyond zero-trust to let teams do their work but also provide checks.
View Video
teleport

Going Beyond Network Perimeter Security by Adopting Device Trust

Mar 23, 2023 By Alan Parra In Teleport

It’s a familiar nightmare you’ve heard of and might even face as a developer or security engineer: alerts firing in all directions warning that your company’s VPN and firewall — that supposedly “safe” defensive perimeter around your infrastructure — has been breached. And the scariest part is that you find out after the fact — after access credentials and customer assets have been stolen.

Read Post

Out of This World Cybersecurity

Mar 23, 2023 By Snyk In Snyk
From cybersecurity Executive Orders, to Emergency Directives, to establishing a presence on the moon, cybersecurity at NASA encompasses a wide variety of both Information and Operational Technology assets, some of which are literally out of this world. Attendees will gain insights into the challenges and best practices in securing critical assets in highly dynamic and complex environments.
View Video

Dev First Prevention Strategies Using the CI/CD

Mar 23, 2023 By Snyk In Snyk
Watch this office hours where we cover best practices for introducing a blocking/prevention strategy using the CI/CD Integration. Security and engineering teams often fail to find a balance between meeting the necessary security objectives for their organization and ensuring maximum velocity. While security teams view the process of blocking new critical severity vulnerabilities as a basic security best practice, engineering teams often push back out of fear that it will create too much friction for their developers.
View Video

Copyright © 2024 OpsMatters™. All rights reserved.