Three new NGINX ingress controller vulnerabilities reported and how they affect Kubernetes
Three security issues were reported on October 27th by the Kubernetes security community, all of them related to the popular NGINX ingress component.
Security | Threat Detection | Cyberattacks | DevSecOps | Compliance
The Latest Cybersecurity News & Insights From Around The World
AI Hallucinations and Manipulation: How to Use AI Coding Tools Securely (part 1)
Generative AI can help you write code faster, but is it secure? Learn how you can leverage the power of AI to increase your velocity while mitigating risks and staying secure. Learn from security experts Liran Tal & Simon Maple in a hands-on session where they walk through.
PCI DSS Compliance Hardening Policy
Server configuration hardening is a basic requirement for compliance with Payment Card Industry Data Security Standard (PCI DSS) v4.0 that was updated in April 2022 from PCI DSS Version 3.2.1. Server hardening is a fundamental process that ensures the security of servers in the network by reducing the servers attack surface through implementation of secure configurations.
What Mend.io's AppSec Experts Say About Cybersecurity
During Cybersecurity Awareness Month, we asked a panel of Mend.io’s finest minds what’s got their attention in the current cybersecurity landscape.
How to Handle Secrets in Helm
Learn step-by-step techniques and best practices to handle secrets in Helm charts safely and effectively. Level up your Helm deployments today!
Adding Snyk security to Jira and Bitbucket Cloud
In today's world of fast-paced software development, security is not an option — it’s a necessity. Security has become an integral part of the development process rather than a separate concern addressed by a different team once development is complete. Integrating Snyk security into your development workflows is a crucial step toward achieving comprehensive software security.
Seeking Safer Shortcuts For Security: Snyk's 2023 State of Open Source Security Report
Snyk helps software-driven businesses develop fast and stay secure. Continuously find and fix vulnerabilities for npm, Maven, NuGet, RubyGems, PyPI and more.
SEC Cybersecurity Disclosure Rules: What You Need to Know
On July 2023, the Securities and Exchange Commission (SEC) implemented a final rule mandating public companies to furnish comprehensive and uniform disclosures pertaining to cybersecurity risk management, strategy, governance, and incidents. We’re going to discuss SEC Cybersecurity Disclosure Rules and What You Need to Know.
Detect Secrets In Docker Images With ggshield - The GitGuardian CLI
Did you know that you can use ggshield to scan docker images for secrets? Many Docker images get shared through places like Dockerhub, and sometimes, images get shared unexpectedly, such as when you have a code leak. We built the `ggshield secret scan docker` command to help. With one simple command, anyone on your team can quickly detect any hardcoded credentials inside a docker image.
Block the attack paths into your Kubernetes clusters
In today’s world of limited time, we need to be laser-focused on our priorities. This goes double for mission-critical activities, like cybersecurity. We want to prioritize fixing the issues that have the most significant impact on our security posture. An attack path is like a roadmap for attackers, outlining the steps they can take to exploit security weaknesses.