DevOps

#DevOpsSpeakeasy at #swampUP San Diego 2022 with Eyal Ben Moshe

Oct 3, 2022 By JFrog In JFrog

In this interview, we speak to Eyal Ben Moshe, Head of the Ecosystem Engineering Group at JFrog, about the importance of shifting left and providing tools for developers to keep their software secure. He specifically discusses the release of Frogbit and Docker Desktop Extension and teases the BuildInfo resource, the metadata associated with a build in Artifactory.

View Video

JFrog

DevOps

Read more about #DevOpsSpeakeasy at #swampUP San Diego 2022 with Eyal Ben Moshe

Scaling Developer Security in Financial Organisations: Best Practices from ClearBank

Oct 3, 2022 By Snyk In Snyk

Join us for a virtual Q&A with Seb Coles, Engineering Manager at ClearBank, and Simon Maple, Field CTO at Snyk.

View Video

Snyk

Read more about Scaling Developer Security in Financial Organisations: Best Practices from ClearBank

Kubernetes Access support for Teleport Connect

Oct 3, 2022 By Ben Arent In Teleport

Teleport 10.3 was released on September 30, 2022 along with a lot of new features, bug fixes and improvements. This blog post will focus on one new feature that deserves a deeper dive.

Read Post

Teleport

Read more about Kubernetes Access support for Teleport Connect

Cybercriminals targeted users of packages with a total of 1.5 billion weekly downloads on npm

Oct 2, 2022 By Maciej Mensfeld In Mend

Another week, another supply chain incident. It’s been only nine days since the Mend research team detected the dYdX incident, and today we have detected another supply chain malicious campaign. On October 02, 2022 at 12:12 UTC, a new npm account was registered, and a package called nuiversalify was immediately uploaded. The same threat actor then proceeded to publish more typo/spellcheck squattings of popular packages until 14:03:29 UTC, with small but irregular time gaps between uploads.

Read Post

Mend

Read more about Cybercriminals targeted users of packages with a total of 1.5 billion weekly downloads on npm

This Week in VulnDB

Sep 30, 2022 By Snyk In Snyk

Welcome to This Week in VulnDB, Each episode we will look through some of the newer vulnerabilities in the Snyk vulnerability database, looking at emerging trends in attack vectors appearing in programming languages, platforms and ecosystems.

View Video

Snyk

Read more about This Week in VulnDB

How Styra DAS Entitlements Power Application Authorization

Sep 30, 2022 By Danny Baier In Styra

With the power of modern cloud computing, enterprises are building and updating applications quicker than ever. Expanding your business through the cloud is a fast-paced endeavor, which can be daunting to IAM teams more familiar with on-premises setups. While running applications on self-hosted infrastructure is still a best practice in some cases, businesses are finding it easier than ever to find and pounce on opportunities for growth by shifting to the cloud.

Read Post

Styra

Read more about How Styra DAS Entitlements Power Application Authorization

SSO Building blocks - SAML, OAuth 2.0 and OpenID Connect

Sep 30, 2022 By Aswin V In BoxyHQ

We have already covered SAML at a high level from both user and application provider points of view. In this post, we'll dive into the technicalities of SAML, OAuth 2.0 and OpenID Connect and how these come together to serve as building blocks for Jackson SSO.

Read Post

BoxyHQ

Read more about SSO Building blocks - SAML, OAuth 2.0 and OpenID Connect

Stranger Danger: Your Java Attack Surface Just Got Bigger

Sep 28, 2022 By Snyk In Snyk

Building Java applications today means that we take a step further from writing code. We use open-source dependencies, create a Dockerfile to deploy containers to the cloud, and orchestrate this infrastructure with Kubernetes. Welcome, you're a cloud native application developer! As developers, our responsibility broadened, and more software means more software security concerns for us to address.

View Video

Snyk

Read more about Stranger Danger: Your Java Attack Surface Just Got Bigger

Securing CI/CD Pipelines Through Security Gates with Kubescape

Sep 28, 2022 By Ben Hirschberg In ARMO

DevOps and modern engineering have enabled us to provide higher quality code at greater speeds by introducing guardrails and checks into our automated continuous integration (CI) and continuous deployment (CD) processes.

Read Post

ARMO

Read more about Securing CI/CD Pipelines Through Security Gates with Kubescape

CI/CD Security: How to Keep your CI/CD Pipelines Secure

Sep 28, 2022 By Jonathan Kaftzan In ARMO

The tech sector is expanding aggressively. And for businesses and services, keeping up with this growth implies only one thing: integrate new technologies and innovate at pace or be left out.

Read Post

ARMO

Read more about CI/CD Security: How to Keep your CI/CD Pipelines Secure

Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

DevOps

#DevOpsSpeakeasy at #swampUP San Diego 2022 with Eyal Ben Moshe

Scaling Developer Security in Financial Organisations: Best Practices from ClearBank

Kubernetes Access support for Teleport Connect

Cybercriminals targeted users of packages with a total of 1.5 billion weekly downloads on npm

This Week in VulnDB

How Styra DAS Entitlements Power Application Authorization

SSO Building blocks - SAML, OAuth 2.0 and OpenID Connect

Stranger Danger: Your Java Attack Surface Just Got Bigger

Securing CI/CD Pipelines Through Security Gates with Kubescape

CI/CD Security: How to Keep your CI/CD Pipelines Secure

Monthly Archive

Follow Us