Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Security at ServiceNow (feat. Karl Klaessig) - The Big Fix 2022 by Snyk

Karl Klaessig, Director of Product Marketing and Security Operations at ServiceNow, joins Randall Degges, Head of Developer Relations and Community at Snyk, to discuss security challenges and how they approach them at ServiceNow. The Big Fix brought together developers, DevOps, and security practitioners of all skill levels to help make the internet more secure through a month of fixing vulnerabilities, ending in a 24-hour livestream event.

How CloudCasa Helps Organizations Address Data Protection Weaknesses in Kubernetes

In a recent episode of TFiR Let’s Talk, Swapnil Bhartiya sat down with Sathya Sankaran, Chief Operating Officer at CloudCasa by Catalogic, to discuss how the Kubernetes ecosystem is shifting and how CloudCasa is helping organizations address the data protection weaknesses in Kubernetes and cloud-native infrastructure and adopt these new technologies.

How to mitigate PetitPotam NTLM Relay Attack

The latest Windows versions are compatible with NTLM, and the default NTLM implementation necessitates Active Directory. Microsoft has shared instructions on mitigating PetitPotam, a type of NTLM relay attack that is used against Windows domain servers or controllers. Microsoft has referred to it as the ‘classic’ NTLM relay attack (ADV210003), which allows an attacker to take over a domain controller or other Windows servers.

What is Cybersecurity Maturity Model Certification 2.0 (CMMC 2.0)?

The United States Department of Defense (DoD) implements the Cybersecurity Maturity Model Certification (CMMC) to standardize overall cybersecurity preparedness across the federal government's Defense Industrial Base (DIB) against evolving threats.

How to Mitigate Risks in Software Supply Chain Security

In this session, Mic McCully and Jake Williams explore the software supply chain as an attack vector – by identifying risks and mitigation strategies throughout the software development processes and environment. Watch this to learn how you can meet new requirements and protect your software from these attacks. Snyk helps software-driven businesses develop fast and stay secure. Continuously find and fix vulnerabilities for npm, Maven, NuGet, RubyGems, PyPI and more.

Debunking the Top 3 Cloud-Native Security Myths

By 2023, over 500 million digital apps and services will be developed and deployed using cloud-native approaches. To put that in perspective, more applications will be developed on the cloud in a four-year period (2019-2023) than the total number of apps produced in the past 40 years. Clearly, organizations are buying into the cloud. But the question is: Do they fully understand it? And do they know how to secure the applications they build within it?

Insights from the Styra 2022 Cloud-Native Alignment Report

IT leaders have historically managed all infrastructure decisions across storage, network, compute and other aspects of the cloud. But this isn’t necessarily the case today. As organizations move away from on-premise cloud infrastructure and adopt cloud-native technologies, modern developers are playing a larger role in decision-making — especially when it comes to policy decisions like the control of cloud-based tools and the code that runs on them.

Improving coverage of cloud resources to reduce infrastructure drift

As developers, we need maximum visibility of what’s actually running in our cloud environments, in order to keep them secure. Infrastructure as code (IaC) helps developers automate their cloud infrastructures, so what’s deployed to the cloud is under control and can easily be audited. But achieving and maintaining 100% IaC coverage of your infrastructure has many challenges.

Best practices for containerizing Go applications with Docker

Containerization describes the creation of a self-contained computing environment that runs on a host machine and any operating system (OS) with an available container runtime engine. Built from an image, a container holds an app and the filesystem alongside configurations, dependencies, binaries, and other specifications needed to run it successfully. Containers are typically much smaller than virtual machines and run in the host’s OS rather than containing OSs themselves.