Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

DevOps

Signing Kubernetes with Sigstore

Aug 17, 2022 By Snyk In Snyk
Adolfo García Veytia, Staff Software Engineer at ChainGuard and Tech Lead on the Kubernetes SIG-Release team, joins Eric and Kyle to talk about how they were able to tackle signing all of the Kubernetes v1.24 image artifacts using Sigstore. Then we will demonstrate signing an image and vulnerability scan result attestations with Sigstore's cosign utility.
View Video
styra

OPA for All: Policy as Code in 10 Minutes

Aug 16, 2022 By Eric Kao In Styra

Open Policy Agent, or OPA, has emerged as an industry standard for cloud-native authorization and policy as code. From 2018 to now, it has grown from being a Cloud Native Computing Foundation (CNCF) sandbox project into a fully mature, graduated CNCF project, deployed by many of the largest organizations in the world. (For just the tip of the iceberg, here is a list of users who have made their adoption of OPA public).

Read Post
CloudCasa

Using Longhorn v1.3 CSI Snapshots for Backup and Recovery

Aug 16, 2022 By Sathya Sankaran In CloudCasa

With the release of Longhorn v1.3.0, CloudCasa by Catalogic is happy to announce that it fully supports the backup and recovery of Longhorn persistent volumes (PVs) on Kubernetes clusters. While previous versions of Longhorn supported volume snapshots and the CSI interface, Longhorn v1.3 introduced full support for the CSI snapshot interface so it can now be used to trigger volume snapshots in a cluster.

Read Post

Black Hat 2022: The CVSS Fallacy - can you trust the world's most popular vulnerability metric?

Aug 15, 2022 By JFrog In JFrog
The NVD defines one of the usages of CVSS as “a factor in prioritization of vulnerability remediation” and it is the current de-facto vulnerability metric, often seen as infallible guidance and a crucial element in many compliance processes. In our session we will go over real-world CVE examples, demonstrating cases and entire categories where CVSSv3.1 falls short of providing an accurate assessment, both due to its design and its various mishandlings. The session will also touch upon specific indicators in the CVE description that can raise the confidence in a CVSS score, and vice versa.
View Video

Untangle the Secrets of your JavaScript Dependencies

Aug 15, 2022 By Snyk In Snyk
In an ecosystem with an increasing number of dependencies, maintainers and supply chain attacks, discover an open source tool designed to analyze in depth the dependencies of a given remote package or local manifest. Not knowing what’s in the node_modules directory is a bad dream from the past. Dive in with me to find out the secrets that your dependencies hide from you.
View Video
styra

Collaborating on Access Control Policies with Open Policy Agent

Aug 12, 2022 By Ralf Gueldemeister In Styra

Zendesk Engineering consists of many teams that own a large number of different domains, ranging from engineering teams that built internal services to teams that work on our various product offerings. One concern that these teams have in common is controlling access to their APIs via fine-grained policies. Some APIs are only available to admins, others to users with a specific set of permissions and some APIs restrict access based on attributes of the data being accessed.

Read Post
teleport

Securing Your Snowflake Database with Teleport Database Access

Aug 11, 2022 By Kenneth DuMez In Teleport

Picture this: unfortunately you had to let one of your engineers go. No matter how many times you tried to tell them, after countless interventions and meetings with the engineering lead, they simply wouldn’t stop using tabs instead of spaces. An absolutely unforgivable offense. A few weeks later, suddenly your production Snowflake database is wiped out. You log on to assess the damages and you check the SNOWFLAKE.ACCOUNT_USAGE.QUERY_HISTORY for every user in the system.

Read Post

Copyright © 2024 OpsMatters™. All rights reserved.