Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

DevOps

[Webinar] GitGuardian and TechStrong Present Tackling Secrets at the Enterprise Level

Oct 24, 2022 By GitGuardian In GitGuardian
As DevOps turns to multi-cloud, workload containerization, and infrastructure-as-code, securing and distributing secrets across teams and environments has become a complex undertaking. Left unmanaged, this leads to secrets sprawl; in other words, the exposure of credentials in source control servers, DevOps tools, and every component that makes up the software development life cycle (SDLC). With exposed secrets, attackers can easily access an organization’s critical resources. They can breach the perimeter to carry out attacks, hijack computing power, exfiltrate customer data and compromise the integrity of the software supply chain.
View Video
mend

Meticulous Prep and Planning-A Linchpin of Modern AppSec Programs

Oct 20, 2022 By Carol Hildebrand In Mend

This is the second of a six-part blog series that highlights findings from a new Mend white paper, Five Principles of Modern Application Security Programs. Be sure to look out for our upcoming blogs on each of the five principles. It’s no exaggeration to say that IT and application security teams from all organizations are facing a perfect storm.

Read Post
armo

How to validate Kubernetes YAML files?

Oct 20, 2022 By Bezalel In ARMO
Kubernetes has taken center stage in how we now manage our containerized applications. As a result, many conventions to define our Kubernetes apps exist, including structures such as YAML, JSON, INI, and more. This leaves us to consider what is the best strategy to follow for our applications. Additionally, we must then also ask how we can validate our application configurations depending on the path we’ve chosen in terms of file structure and especially security.
Read Post
Tines

Handle Terraform Cloud infrastructure requests automatically with Tines

Oct 20, 2022 By Shaun Finn In Tines

Tines is pleased to have joined the Terraform Cloud Run Tasks ecosystem. Tines helps DevOps teams better leverage the generally available Terraform Cloud run tasks pre-plan by enabling them to approve and record infrastructure requests from Terraform Cloud automatically.

Read Post

Stranger Danger: Your Java Attack Surface Just Got Bigger

Oct 19, 2022 By Snyk In Snyk
Building Java applications today means that we take a step further from writing code. We use open-source dependencies, create a Dockerfile to deploy containers to the cloud, and orchestrate this infrastructure with Kubernetes. Welcome, you're a cloud native application developer! As developers, our responsibility broadened, and more software means more software security concerns for us to address.
View Video

User Office Hours | How to Secure CI/CD Pipeline w/ GitHub Actions & Snyk | Mar 23, 2022

Oct 19, 2022 By Snyk In Snyk
This User Office Hours session covers how to build a secure CI/CD Pipeline with GitHub Actions and Snyk. First, we'll build a demo application. Then, we'll walk through how to test for security issues using Snyk Open Source and Snyk Code. We'll then go on to deploy a container image. Missed the live stream? Feel free to ask questions in the comment section, and we'll do our very best to answer them.
View Video
CloudCasa

CloudCasa Helps Overcome Day 2 Kubernetes Challenges and Integrates with the 3 Major Cloud Providers

Oct 19, 2022 By Ayushi Raj In CloudCasa

In this episode of TFiR Let’s Talk, Swapnil Bhartiya sits down with Sathya Sankaran, COO of Catalogic and GM of CloudCasa, to discuss in-depth how CloudCasa is supporting backup for the three major cloud providers − Azure Kubernetes Service (AKS), Amazon Elastic Kubernetes Service (EKS), and Google Kubernetes Engine (GKE) − and the data protection challenges they are addressing.

Read Post

Copyright © 2024 OpsMatters™. All rights reserved.