
DevOps

Zero Trust - Replacing Depth with Logic. Identity & Access Management eSummit 2022

In a hybrid work setup, workers should be able to authenticate themselves in the virtual environment securely. However, identity theft and technologies like deep fakes ensure that securing identities remains a major challenge. Organizations want to ensure their identities are safe and hack-proof. Join industry-leading practitioners and experts to learn how to protect identities.

Vulnerability Remediation: A Practical Guide

To stay ahead of malicious attacks, developers and security teams must have a way to identify, prioritize, fix, and monitor vulnerabilities, a process known as vulnerability remediation. When it comes to detection, organizations can use a variety of application security testing (AST) tools to identify vulnerabilities in software applications and other systems.

How to Configure Single Sign-On (SSO) for Amazon RDS Access

This blog is part two of a series about identity-aware access for Amazon RDS. In Part I, we covered how to use OSS Teleport to access Amazon RDS instances running in private subnets. In Part II, we will guide you through the steps to configure single sign-on (SSO) for Amazon RDS with Okta, SAML and Teleport.

(SBOM) Creation of your Software Bill of Materials

Because of growing software supply chain cyber-attacks and incidents like Log4J, tracking your Software Bill of Materials has become essential. An SBOM is a list of the “ingredients” that make up a piece of software. SBOMs are used by software producers to manage components, software buyers to assess security and compliance, and operators to monitor risks and threats. SBOMs are required by military and government agencies and will likely become the norm, especially in highly regulated industries. Documenting and reporting your SBOM will become a universal best practice.

Impact Analysis: CVE-2022-29218, Allows Unauthorized Takeover of New Gem Versions via Cache Poisoning

It’s been a bad month for RubyGems vulnerabilities. Critical CVE-2022-29176 was issued May 8, 2022, and another critical CVE-2022-29218 was discovered less than a week later, on May 11. This new vulnerability would allow for a takeover of new versions of some platform-specific gems under certain circumstances.

Terraform & Keeper Secrets Manager: Better Together

Terraform is a very popular infrastructure-as-code (IAC) tool that enables DevOps teams to deploy and manage infrastructure such as servers, containers and databases. Since Keeper Secrets Manager supports record creation through Terraform, you can secure infrastructure secrets using your Keeper Vault. This feature, combined with existing credential read functionality, makes it possible to maintain your credentials’ full lifecycle using Keeper and Terraform.