How to Handle Secrets in Docker
DevOps engineers must handle secrets with care. In this series, we summarize best practices for leveraging secrets with your everyday tools.
Security | Threat Detection | Cyberattacks | DevSecOps | Compliance
The Latest Cybersecurity News & Insights From Around The World
DevOps
Snyk Workflows - Ignores & PR Checks
Snyk integrates with your IDEs, repos, workflows, and automation pipelines to add security expertise to your toolkit. The “menu” of options available to you is extensive, so we created this three-part series to get you started and running. Do you want your dev teams and AppSec teams to be aligned? The second session of the series digs deeper into using ignore capabilities. You’ll also learn about PR checks. This is a great way to get ahead of permissions.
Stranger Danger: Your Java Attack Surface Just Got Bigger
Building Java applications today means that we take a step further from writing code. We use open-source dependencies, create a Dockerfile to deploy containers to the cloud, and orchestrate this infrastructure with Kubernetes. Welcome, you're a cloud native application developer! As developers, our responsibility broadened, and more software means more software security concerns for us to address.
Deeper Dive: Updates to Our Terraform Essential Policy Toolkit
Following up from our previous Kubernetes Essential Policy Toolkit Deeper Dive, we’re excited to announce upcoming enhancements to Terraform use cases in Styra DAS and take a deeper dive into the Styra DAS Terraform policy toolkit. With the enhanced Styra DAS Terraform policy toolkit, we’re making it even easier for platform engineering and cloud infrastructure teams to support their company’s application developers while delivering secure and compliant infrastructure configurations.
Building a Modern AppSec Strategy: How to Secure Applications
Threat actors today are increasingly targeting the application layer, driving significant challenges for companies using traditional application security strategies. To defend themselves against the rapidly evolving threat landscape, organizations need to build a modern AppSec strategy that addresses these fast-changing conditions. But how?
Introducing Enterprise OPA: an Enterprise-grade OPA Distribution Built for Data-heavy Workloads
Today, we launched Enterprise OPA, an enterprise-grade OPA distribution built to provide resource-efficient performance for data-heavy authorization. Designed to mitigate the effects of data-heavy workloads, our new offering allows you to reduce infrastructure costs, optimize authorization performance and minimize enterprise risk with powerful live impact analysis, while connecting natively to existing data sources.
Securing AWS CLI with HTTPS proxy using Teleport
With Teleport you can register your AWS account as an application and access it securely within Teleport. You can also use the AWS CLI. In this video, we'll take a look at a new way to create a secure, local AWS Proxy to use for third-party tools like Terraform and Boto3.
How to Install Styra Load
Styra Developer Advocate Peter O'Neil shares how to download and install Styra Load, as well as how to hot swap Styra Load for an OPA instance.
How to Benchmark Styra Load
Styra Developer Advocates Peter O'Neil and Charlie Egan share how to run performance benchmarks with Styra Load against standard OPA deployments. You will need access to a Styra Load license key to perform the local benchmarks.
JFrog Presents: Triple Therapy for your Dev, Sec AND Ops Teams
This Valentine's Day, bring your #Dev, #Sec and #Ops team together, and fall in love all over again!