DevOps

New Integrations Just Announced: CircleCI and Travis CI

Since working on a spreadsheet, you and your team have come a long way. You’re enjoying the ease of working in TrustOps because it automates control mapping, test creation, and evidence workflows. However, you’re looking for ways to save a bit more time, so you can focus on your day job and growing list of priorities. Collecting evidence to validate compliance controls takes time and affects your team’s productivity, including HR, IT, and DevOps.

Kubernetes version 1.25 - everything you should know

Kubernetes' new version - version 1.25 - will be released on Tuesday 23rd August 2022, and it comes with 40 new enhancements in various areas and numerous bug fixes. This blog will focus on the highlighted changes from each special interest group (SIG) in the upcoming release and ensure you are confident before upgrading your clusters.

Code repository scanning & Container image registry scanning with Kubescape

Exciting new Kubescape features have recently landed: code repository scanning and container image registry scanning! These enhancements to Kubescape's security posture capabilities let you embed security even earlier in the SDLC (Software Development Lifecycle) and in a broader range of places in your CI/CD pipeline.

Mining Malware History for Clues on Malicious Package Innovation

Malware has come a long way since it first made the scene in the late 1990s, with news of viruses infecting random personal computers worldwide. These days, of course, attackers have moved beyond these humble roots. Now they deploy a variety of innovative techniques to extract large amounts of money from businesses around the world. A similar development is taking place with malware’s upstart cousin – the emergence of malicious packages being uploaded to package registries.

The One-Stop Kubernetes Security Checklist

Securing your Kubernetes environments may seem daunting at first, given how many different parts must be individually protected. Still, with the proper organization, you can make Kubernetes security much simpler and more effective. We’ve put together a complete Kubernetes security checklist of best practices and security recommendations to help you keep track of your progress. To make this a little easier, we’ve divided this checklist into the following sections.

Why You Need to Ditch Passwords, Private Keys, and All Other Forms of Secrets

Despite the steady drumbeat of news stories on security breaches caused by compromised credentials, 70% of teams still use secrets such as private keys or passwords to grant infrastructure access. In this webinar, we’ll cover why all forms of secrets are bad for you and your business, and why MFA is not good enough. We'll cover how the adoption of Passwordless Authentication and related hardware technologies like TPMs and HSMs fixes a slew of problems, including making phishing attacks a thing of the past.

Signing Kubernetes with Sigstore

Adolfo García Veytia, Staff Software Engineer at Chainguard and Tech Lead on the Kubernetes SIG-Release team, joins Eric and Kyle to talk about how they were able to tackle signing all of the Kubernetes v1.24 image artifacts using Sigstore. Then we will demonstrate signing an image and vulnerability scan result attestations with Sigstore's cosign utility.