Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

DevOps

armo

Kubernetes Ingress and Load Balancers: Bringing Traffic to Your Cluster

Feb 9, 2022 By Ben Hirschberg In ARMO
At the core of Kubernetes is the notion of high availability, meaning that every part of the system is redundant so it can continue to function despite failures. This includes multiple worker nodes to run your workload, apps are written to be able to run as multiple pods, and even the control plane will work across a cluster of machines. In this article, we’ll explain the different ways to manage network traffic in the Kubernetes cluster.
Read Post
sysdig

4 Ways to Combat the DevOps and Security Workforce Shortage

Feb 9, 2022 By Mike Luedke In Sysdig

Most people are painfully aware that security breaches have increased in recent years, while at the same time becoming much more sophisticated in their approach. Additionally, ever-expanding application environments and continuously evolving workloads have created more opportunities than ever for attackers. What’s not so apparent to those outside of the tech bubble: The world is dangerously ill-equipped to handle the magnitude of these threats.

Read Post
Snyk

Using Pulumi to automate the Snyk Kubernetes integration for containers

Feb 9, 2022 By Pas Apicella In Snyk

We have all heard of the term infrastructure as code (IaC), however code in this context is not really code in the sense of a programming language. IaC usually refers to the configuration of infrastructure via tools like Terraform, CloudFormation, Kubernetes YAML, or Azure Resource Manager templates, which is really the definition of how the infrastructure will be created.

Read Post
Snyk

Join "The Big Fix" to secure your projects with Snyk and earn cool swag

Feb 9, 2022 By Liran Tal In Snyk

What if there was a large, global event dedicated to finding and fixing security vulnerabilities in both open and closed-source software? An event that brings developers, DevOps, and security practitioners of all skill levels and backgrounds together to collectively make the software world more secure? Well, I’m excited to announce that Snyk has made this a reality by launching The Big Fix — a month-long event that’s running now!

Read Post

How to Use the Snyk CLI to Fix Vulnerabilities in Your Application: The Big Fix

Feb 8, 2022 By Snyk In Snyk
Brian Vermeer, Developer Advocate at Snyk, demonstrates how you can use the Snyk CLI to fix vulnerabilities in your application. Join us for The Big Fix, an event that brings developers and security practitioners round the world to find and fix vulnerabilities. Let's make the Internet a safer and better place than before!
View Video
mend

Five Critically Important Facts About npm Package Security

Feb 8, 2022 By Maciej Mensfeld In Mend

In 2021, the WhiteSource Diffend automated malware detection platform detected and reported more than 1,200 malicious npm packages that were responsible for stealing credentials and crypto, as well as for running botnets and collecting host information from machines on which they were installed.

Read Post
jfrog

CVE-2021-44142: Critical Samba Vulnerability Allows Remote Code Execution

Feb 8, 2022 By Itay Vaknin, Brian Moussalli In JFrog

Recently, a critical out-of-bounds vulnerability, assigned to CVE-2021-44142, was disclosed in Samba versions prior to 4.13.17. The Samba vulnerability carries a critical CVSS of 9.9 and allows attackers to remotely execute code on machines running a Samba server with a vulnerable configuration. The vulnerability was disclosed as part of the Pwn2Own Austin competition where researchers are challenged to exploit widely-used software and devices with unknown vulnerabilities.

Read Post

New Year, New Features in Xray

Feb 8, 2022 By JFrog In JFrog
Let’s start 2022 off the right with new features and updates that will extend JFrog Xray’s power and reach in addressing challenges with securing your binaries from development to production. Join Sarit Tager, VP Product Security as she discusses how Xray provides intelligent supply chain security and compliance at DevOps speed. JFrog Xray is a software composition analysis (SCA) solution that scans your open source software (OSS) dependencies for security vulnerabilities and license compliance issues.
View Video

Triaging vulnerabilities - the way it ought to be

Feb 7, 2022 By Snyk In Snyk
We all know that shifting security left is the right approach for securing our apps. We also know that it isn’t enough - developers also need to be empowered to own security. They require tools that integrate into the way they are already working and they need guidance and assistance from the security team. This is especially true for the most challenging vulnerabilities of all: those that are not so easy to fix, but too important to ignore.
View Video

Copyright © 2024 OpsMatters™. All rights reserved.