Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

CloudCasa

More Cloud Integration Capabilities for Kubernetes Backup and Restore in the February Update of CloudCasa

Feb 2, 2023 By Bob Adair In CloudCasa

Mid-winter is fast approaching, meaning it’s nearly time to start thinking about spring again! But here at Catalogic all we’ve been thinking about lately is adding more features to CloudCasa. We were thrilled to hear that CloudCasa has been named a Kubernetes data protection leader and outperformer in the recently released GigaOm Radar for Kubernetes Data Protection Report, but we have no intention of resting on our laurels!

Read Post
mend

Software and AppSec Challenges and Opportunities in Banking and Fintech - Part Three

Feb 2, 2023 By Adam Murray In Mend

Application security is particularly important in the banking and financial technology sector, where a single breach can put large portions of sensitive information at risk. How to manage that risk is a complex process that affects how teams secure applications across their software supply chain.

Read Post
styra

AI-Generated Infrastructure-as-Code: The Good, the Bad and the Ugly

Feb 2, 2023 By Paul Foryt In Styra

With the rise of OpenAI’s GPT-3, ChatGPT and Codex products, as well as GitHub’s CoPilot and numerous competitors, today we’re seeing developers experimenting with AI to help augment their development workflows. While at first these efforts focused on more commonly used programming languages, such as Javascript and Python, the AI use cases are now expanding to Infrastructure-as-Code (IaC) configurations.

Read Post
gitguardian

How to Bake Security into your CI/CD Pipeline

Feb 1, 2023 By GitGuardian In GitGuardian
According to IBM Security's "The Cost of a Data Breach Report", the global cost of data breaches in 2022 increased by 2.6% compared to previous year, reaching $4.35 million. The source code of major companies like Nvidia, Microsoft, Uber, Slack, Toyota was leaked, often caused by usage of hardcoded secrets (you can see more details in the infographics below). In those cases, lateral movements were compromising software supply chain security. In their report Gartner claims about 45% of companies should expect to become targets of supply chain attacks by 2025.
Read Post

Stranger Danger: Your JavaScript Attack Surface Just Got Bigger

Feb 1, 2023 By Snyk In Snyk
Building JavaScript applications today means that we take a step further from writing code. We use open-source dependencies, create a Dockerfile to deploy containers to the cloud, and orchestrate this infrastructure with Kubernetes. Welcome - you're a cloud native application developer! As developers, our responsibility has broadened, and more software means more software security concerns for us to address.
View Video

Take GitHub threats seriously: The largest code-sharing platform is extending your attack surface

Feb 1, 2023 By GitGuardian In GitGuardian
In 2021, GitGuardian scanned over 1 billion data points on GitHub.com, and the results were stunning. More than 6 million secrets – think API keys, database connection strings, and private certificates – were exposed on the platform! Even more striking is the share of secrets and sensitive data exposed on the personal repositories of developers or open-source projects, of which SecOps teams lack visibility and control.
View Video

Snyk Workflows - Basic Workflows (IDE & CLI)

Feb 1, 2023 By Snyk In Snyk
Snyk integrates with your IDEs, repos, workflows, and automation pipelines to add security expertise to your toolkit. The “menu” of options available to you is extensive, so we created this three-part series to get you started and running. The first session covers basic workflows in the IDE and CLI. You’ll learn to proactively plan how to leverage Snyk in different places and different ways. We will cover basic workflows and how to use them, as well as quick tips.
View Video
veracode

Quick Start Guide: Integrate Veracode in Your DevOps Pipeline

Jan 31, 2023 By Clint Pollock In Veracode

For today’s DevSecOps teams, the demands continue to intensify. Application portfolios and codebases continue to grow, while cyberattacks remain an ever-present danger. More than ever, it’s vital to ensure security gaps are identified and addressed with maximum speed and efficiency. In order to do this, you need to establish a continuous feedback loop on security threats, so you can realize optimized, sustained results – which is exactly how Veracode helps.

Read Post
mend

Application Security Requires Concerted, Continuous Efforts

Jan 30, 2023 By Adam Murray In Mend

According to Forrester Research, applications are the top cause of external breaches because cybercriminals consider them to be one of the easiest entry points to attack organizations’ code bases. As supply chain attacks increase, it has become increasingly important for organizations to implement and maintain a continuous application security program and make it a priority.

Read Post

Copyright © 2026 OpsMatters™. All rights reserved.