Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

DevOps

The Uber Hack - A step by step breakdown of the 2022 Uber data breach

Oct 7, 2022 By GitGuardian In GitGuardian
On September 15th Uber suffered a significant breach. In this video, we will break down exactly how Uber was breached from initial access to how the attacker moved laterally into different internal systems of Uber. What happened? Here’s what we know so far, pending investigation and confirmation from Uber’s security teams.
View Video

#DevOpsSpeakeasy at #devoxxMA 2022 with Carlos Sanchez @csanchez

Oct 6, 2022 By JFrog In JFrog
In this interview, we speak with Carlos Sanchez @csanchez Senior Cloud Software Engineer at Adobe, member at the Apache Software Foundation, author of Jenkins Kubernetes plugin about Kubernetes!! How moving to Kubernetes opens the door to a world of possibilities, the amount of workloads that can be run and the flexibility it provides. However this comes at a cost on managing the resources used by many applications and teams. Java applications can be specially challenging when running in containers.
View Video
teleport

Securely Implementing IdP-initiated SAML2 Login

Oct 6, 2022 By Joel Wejdenstål In Teleport

Security Assertion Markup Language 2.0, or more commonly known as SAML in the industry, is one of the most used protocols for single-sign-on on the modern web. It allows an application like Teleport to communicate with an upstream identity provider like Okta or Google Workspace to securely get trusted information about users when they log in, removing the need for sign-ups, log-ins and tying identities to people inside the application.

Read Post
styra

What Is RBAC? Examples, Benefits and Implementation

Oct 5, 2022 By Danny Baier In Styra

Access control is a key component of security programs, since it regulates who or what can access data and resources within an organization’s systems. Granting access only to authorized users prevents data breaches and malicious attacks and is a good way to practice the security principle of least privilege. This article focuses on RBAC, a type of access control, and its benefits and implementation.

Read Post

Stranger Danger: Your JavaScript Attack Surface Just Got Bigger

Oct 5, 2022 By Snyk In Snyk
Building JavaScript applications today means that we take a step further from writing code. We use open-source dependencies, create a Dockerfile to deploy containers to the cloud, and orchestrate this infrastructure with Kubernetes. Welcome - you're a cloud native application developer! As developers, our responsibility has broadened, and more software means more software security concerns for us to address.
View Video

How to hack a vulnerable OWASP Node.js apps: Part 2 | Snyk

Oct 5, 2022 By Snyk In Snyk
How to hack a vulnerable OWASP Node.js Apps We are back with part 2 of this livestream. Join us as we demonstrate how you can use the Node.js app. We also show the various ways it can be hacked so you can learn how to prevent it. Didn't catch the live stream? Ask all of your Snyk questions and we’ll do our very best to answer them in the comment section.
View Video
mend

Six Golden Rules for Software and Application Security

Oct 4, 2022 By Daniel Elkabes In Mend

October is Cybersecurity Awareness Month, established back in 2004 by the Office of the U.S. President and the U.S. congress. Led by the Cybersecurity and Infrastructure Security Agency (CISA) and the National Cybersecurity Alliance (NCA), the initiative helps both individuals and enterprises make smarter, more informed security decisions.

Read Post

Snyk and HashiCorp: The Snyk IaC Integration With HashiCorp Terraform Cloud and Terraform Enterprise

Oct 4, 2022 By Snyk In Snyk
In this video, learn about the Snyk IaC integration with HashiCorp Terraform Cloud and Terraform Enterprise, which enable developers to automate security checks and ensure public cloud environments are secure and compliant pre-deployment — directly in their Terraform Cloud pipelines.
View Video
teleport

How Gluu provides clients instant access to their Open-source platform using Teleport

Oct 3, 2022 By Nate Magee In Teleport

With Teleport, Gluu can provide its clients with near-instantaneous access to its open-source software, allowing them to get up and running in minutes. This is a huge benefit for organizations who need to quickly provision their tools in order to start using them. In the past, Gluu has documented many ways that it uses Teleport to provide Gluu clients a gateway for their tools.

Read Post
mend

Are You CODEfident?

Oct 3, 2022 By Arabella Hallawell In Mend

We’ve been watching the global transition to an app-driven world for some time now, as companies develop and deploy innovative software at warp speed. And we’ve also watched application security teams struggle to keep up. Many try to use yesterday’s tools for today’s AppSec reality, while others wrestle with immature application security programs. And that’s when we realized: modern application security programs are different. They run on CODEfidence. Let me explain.

Read Post

Copyright © 2024 OpsMatters™. All rights reserved.