Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

DevOps

Snyk

Snyk Container registry security integrations extended to GitHub, GitLab, Nexus, DigitalOcean, and more

Sep 23, 2021 By Danielle Inbar In Snyk

We’re excited to share that you can now use Snyk Container to scan container images stored in many more container registries. The latest additions include Github Container Registry, Nexus, DigitalOcean, GitLab Container Registry, and Google Artifact Registry.

Read Post
mend

The 2021 OWASP Top 10

Sep 23, 2021 By Patricia Johnson In Mend

The Open Web Application Security Project (OWASP), founded by Mark Curphey, first released the OWASP Top 10 Web Application Security Risks in 2003. The Top 10 is the closest the development community has to a set of commandments on how to build secure applications. This list represents the most critical risks to software security today and is recognized by developers as the first step toward creating more secure code.

Read Post
jfrog

A Peek at JFrog's Iron Bank Accreditation for Xray and Artifactory

Sep 23, 2021 By Sudhindra Rao In JFrog

JFrog Artifactory and JFrog Xray recently underwent a rigorous hardening process to earn accreditation for inclusion in the U.S. Department of Defense’s Iron Bank, a centralized repository of digitally-signed and hardened container images. In this blog post, we’re pulling back the curtain on the process, in order to share our insights and lessons learned with our customers and with the DevOps community at large.

Read Post
teleport

Do We Still Need a Bastion?

Sep 22, 2021 By Sakshyam Shah In Teleport

There is a growing discussion among network engineers, DevOps teams, and security professionals about the security benefits of bastions. Many assume that they are the “old way” of network access and have little relevance in the modern cloud native stack. These speculations are not irrelevant as in recent years, the corporate IT network perimeter as we knew it is diminishing, and the concept has been shifted to data, identity, and compute perimeter.

Read Post
styra

Policy Bundle Registry for Styra DAS Enterprise

Sep 21, 2021 By Josh O'Brien In Styra

One of the most critical aspects of managing policy-as-code at scale is ensuring safety when deploying policy changes to production workloads. A misconfiguration or errant rule can lead to consequences such as overly permissive systems, service outages, and other forms of application or platform issues.

Read Post
Snyk

Snyk Code CLI support now in public beta

Sep 21, 2021 By Frank Fischer In Snyk

Snyk is on the mission to make Static Application Security Testing (SAST) tools work for developers throughout the DevOps pipeline. Snyk Code scans in real time with high accuracy — and it does it right from the tools and workflows developers are already using. For example, the IDE plugins for IntelliJ, PyCharm, WebStorm, and Visual Studio Code make it easy to code, scan and fix even before code hits the version management.

Read Post

The Tokenised Auth

Sep 17, 2021 By Snyk In Snyk
Authentication can sound simple. It's just a login form and a couple of database columns, right? Why would you need a separate identity platform to solve this? You've probably heard that you shouldn't roll your own crypto, or payments. Well, add authentication to that list. Ben Dechrai joins us to discuss the aspects of good authentication, from tokenisation to multi-factor, and dives into a few features of Auth0 that help you customise, extend, and personalise your users' experience.
View Video

Copyright © 2024 OpsMatters™. All rights reserved.