Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

styra

Guarding the Guardrails - Introducing Regal the Rego linter

Jun 20, 2023 By Anders Eknert In Styra

Two years ago, I explored the idea of linting Rego with Rego on this blog, and how we could use the abstract syntax tree (AST) representation of a Rego policy as JSON input data, allowing us to write a “linter” for Rego using Rego itself. Open Policy Agent (OPA) is well-established for use cases like application authorization, cloud infrastructure and Kubernetes admission control, where we normally talk about policy as guardrails. But who’s guarding the guardrails?

Read Post
mend

How to Boost Confidence in Your Open Source Security with Mend Smart Merge Control

Jun 20, 2023 By Jeanette Sherman In Mend

Modern applications are hugely dependent on open-source software. 80 percent of most organizations’ apps and code base is now open source, in some cases more. While this is great for swift development and innovation, it increases the possibility of vulnerabilities arising that bad actors can exploit, and it expands the potential attack surface.

Read Post
armo

The definitive guide to compliance with cloud-managed Kubernetes

Jun 15, 2023 By Henry Hernández In ARMO
Kubernetes has become a vital component in cloud-native infrastructure, enabling organizations to deploy and manage containerized applications at scale. However, compliance is crucial to modern infrastructure, especially for businesses that handle sensitive data. Organizations that adopt Kubernetes must thus also be sure to maintain the security of their infrastructure, as well as address compliance requirements to meet regulatory standards.
Read Post
armo

Introducing Compliance Score: simplifying compliance assessment

Jun 15, 2023 By Amit Ofry In ARMO
In today’s digital landscape, compliance with industry frameworks is vital for businesses, Kubernetes environments are no exception. That being said, Risk Score is an illusive term. It is inconsistent between scanners and is ultimately hard to explain to stakeholders. Introducing a meaningful Compliance Score, now available on ARMO Platform. The new Compliance Score offers a user-friendly method to assess compliance levels. It measures control-specific compliance and overall framework compliance.
Read Post
armo

Kubernetes compliance under GDPR

Jun 15, 2023 By Henry Hernández In ARMO
The General Data Protection Regulation (GDPR) is a data privacy and security regulation in the European Union (EU) that aims to protect individuals’ personal data collected and processed by businesses. The financial penalties for a company that is found to be non-compliant with GDPR can be significant: €20 million or 4% of its annual global revenues.
Read Post

Secure Remote Access with Secretless SSH Access

Jun 15, 2023 By Teleport In Teleport
Teleport's Infrastructure Access Platform is a highly adaptable solution that addresses various use cases. It enables secretless SSH access to any internet-connected device, making it ideal for solving compliance requirements and enhancing infrastructure access security. Watch this session as we explore Teleport as a secure secretless solution for accessing remote Linux infrastructure via SSH. In particular, we will focus on its application in providing remote support within client environments, a common need for Managed Service Providers (MSPs).
View Video
gitguardian

How to Secure Your CI/CD Pipelines with GitGuardian Honeytokens

Jun 14, 2023 By Guest Expert In GitGuardian

Discover how honeytokens, digital decoys designed to detect unauthorized access, can strengthen the security of your CI/CD pipelines. In this guide, we offer step-by-step instructions for integrating them into popular pipelines like Jenkins, GitLab, and AWS CodePipeline.

Read Post
CalCom

NIST Cybersecurity Framework 2.0 (NIST CSF 2.0)

Jun 14, 2023 By John Gates In CalCom
In 2014 and with extensive community involvement NIST Cybersecurity Framework was created for private sector organizations in the United States. It is also aligned with other NIST standards and guidelines, such as NIST 800-53 and FedRAMP. NIST Cybersecurity Framework (CSF or Framework) is intended to be a living document that is refined and improved over time and was updated in 2018 and called CSF 1.1. We will be discussing NIST CSF 2.0.
Read Post

Copyright © 2026 OpsMatters™. All rights reserved.