DevOps

How To Setup Velero Backups On EKS Using IAM Roles for Service Accounts (IRSA)

Mar 9, 2023 By MD Islam In CloudCasa

Velero is an open-source tool that allows you to backup and restore your Kubernetes cluster resources and persistent volumes. Velero backups support a number of different storage providers including AWS S3. The process of setting up Velero backup with S3 using AWS credentials has been documented by Velero here. However, at the time of this post, there is no official documentation on how to set up Velero using IRSA or IAM Roles for Service Accounts.

Read Post

CloudCasa

Read more about How To Setup Velero Backups On EKS Using IAM Roles for Service Accounts (IRSA)

ARMO adds CIS EKS benchmark

Mar 9, 2023 By Craig Box In ARMO

ARMO Platform has added the CIS EKS benchmark. Now, with Amazon Elastic Kubernetes Service (EKS) users can add this specific benchmark to the frameworks already available to them.

Read Post

ARMO

Read more about ARMO adds CIS EKS benchmark

Understanding Kubernetes Architecture and Components

Mar 9, 2023 By GitGuardian In GitGuardian

This is a brief overview of the components that make up the architecture behind a Kubernetes cluster with an explanation of what each one does. This is part of a longer webinar with guest expert Tiexin Guo that explains best security practices to harden your Kubernetes clusters.

View Video

GitGuardian

Read more about Understanding Kubernetes Architecture and Components

Network security LAN Manager Authentication Level

Mar 9, 2023 By CalCom In CalCom

The LAN Manager (LM) is a group of early Microsoft client/server software products that enable users to connect personal computers on a single network. Its features include transparent file and printer sharing, user security features, and network administration tools. In Active Directory domains, the default authentication protocol is the Kerberos protocol. However, if Kerberos is not available for any reason, LM, NTLM, or NTLMv2 can be used as an alternative.

View Video

CalCom

Read more about Network security LAN Manager Authentication Level

Cultivating Developer Adoption

Mar 9, 2023 By Snyk In Snyk

Many organizations are encouraging their developer teams to adopt a security mindset and take more ownership on security issues earlier in the development process. But how can that actually be achieved effectively and what a successful program looks like in practice? In this recording, we’ll discuss some of the program lessons we’ve learnt from many enterprises that are going through this process and investigate different methodologies for implementing DevSecOps and will share what are best practices to follow and common pitfalls to avoid.

View Video

Snyk

Read more about Cultivating Developer Adoption

Webinar - Secure your IaC, infastrucutre as code best practices for security

Mar 8, 2023 By GitGuardian In GitGuardian

The cloud revolution has taken the world, and programming languages, by storm! In 2022, HCL, the HashiCorp Configuration Language, driven by the popularity of Terraform and Infrastructure-as-Code practices, became the #1 fastest-growing language on GitHub! Who would’ve expected that ten years ago?!

View Video

GitGuardian

Read more about Webinar - Secure your IaC, infastrucutre as code best practices for security

Android apps in the PlayStore are leaking their credentials and secrets

Mar 8, 2023 By GitGuardian In GitGuardian

How many android applications on the play store are leaking their credentials and secrets! The answer comes from independent research conducted by Cybernews which shows nearly half of all applications on the Play Store are leaking secrets. Vincentas Baubonis, a security researcher from CyberNews joined GitGuardian on a Webinar to detail some research they conducted exploring how android applications are leaking secrets.

View Video

GitGuardian

Read more about Android apps in the PlayStore are leaking their credentials and secrets

Stranger Danger: Your JavaScript Attack Surface Just Got Bigger

Mar 8, 2023 By Snyk In Snyk

Building JavaScript applications today means that we take a step further from writing code. We use open-source dependencies, create a Dockerfile to deploy containers to the cloud, and orchestrate this infrastructure with Kubernetes. Welcome - you're a cloud native application developer! As developers, our responsibility has broadened, and more software means more software security concerns for us to address.

View Video

Snyk

Read more about Stranger Danger: Your JavaScript Attack Surface Just Got Bigger

Getting Rid of Shared Secrets: The Major Design Flaw of All CI Systems

Mar 8, 2023 By Noah Stride In Teleport

If you’re a developer, devops or security engineer whose continuous integration (CI) systems rely on shared secrets for access management, you probably know firsthand the security risks that shared secrets present.

Read Post

Teleport

Read more about Getting Rid of Shared Secrets: The Major Design Flaw of All CI Systems

Mend & AWS CodeCatalyst Integration

Mar 8, 2023 By Mend In Mend

Are you using AWS CodeCatalyst? Mend can integrate with your source control and quickly detect open source artifacts and their known vulnerabilities and licensing risks. Mend also provides all the information you need to fix these artifacts automatically.

View Video

Mend

Read more about Mend & AWS CodeCatalyst Integration

Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

DevOps

How To Setup Velero Backups On EKS Using IAM Roles for Service Accounts (IRSA)

ARMO adds CIS EKS benchmark

Understanding Kubernetes Architecture and Components

Network security LAN Manager Authentication Level

Cultivating Developer Adoption

Webinar - Secure your IaC, infastrucutre as code best practices for security

Android apps in the PlayStore are leaking their credentials and secrets

Stranger Danger: Your JavaScript Attack Surface Just Got Bigger

Getting Rid of Shared Secrets: The Major Design Flaw of All CI Systems

Mend & AWS CodeCatalyst Integration

Monthly Archive

Follow Us