Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Dev-First Prevention Strategies

Feb 3, 2023 By Snyk In Snyk
Security and engineering teams often fail to find a balance between meeting the necessary security objectives for their organization and ensuring maximum velocity. While security teams view the process of blocking new critical severity vulnerabilities as a basic security best practice, engineering teams often push back out of fear that it will create too much friction for their developers. This dynamic is often based on prior experience with legacy security systems that focus almost solely on the needs of security and fail to support developers in this process.
View Video
mend

Software and AppSec Challenges and Opportunities in Banking and Fintech - Part Three

Feb 2, 2023 By Adam Murray In Mend

Application security is particularly important in the banking and financial technology sector, where a single breach can put large portions of sensitive information at risk. How to manage that risk is a complex process that affects how teams secure applications across their software supply chain.

Read Post
CloudCasa

More Cloud Integration Capabilities for Kubernetes Backup and Restore in the February Update of CloudCasa

Feb 2, 2023 By Bob Adair In CloudCasa

Mid-winter is fast approaching, meaning it’s nearly time to start thinking about spring again! But here at Catalogic all we’ve been thinking about lately is adding more features to CloudCasa. We were thrilled to hear that CloudCasa has been named a Kubernetes data protection leader and outperformer in the recently released GigaOm Radar for Kubernetes Data Protection Report, but we have no intention of resting on our laurels!

Read Post
gitguardian

How to Bake Security into your CI/CD Pipeline

Feb 1, 2023 By GitGuardian In GitGuardian
According to IBM Security's "The Cost of a Data Breach Report", the global cost of data breaches in 2022 increased by 2.6% compared to previous year, reaching $4.35 million. The source code of major companies like Nvidia, Microsoft, Uber, Slack, Toyota was leaked, often caused by usage of hardcoded secrets (you can see more details in the infographics below). In those cases, lateral movements were compromising software supply chain security. In their report Gartner claims about 45% of companies should expect to become targets of supply chain attacks by 2025.
Read Post

Stranger Danger: Your JavaScript Attack Surface Just Got Bigger

Feb 1, 2023 By Snyk In Snyk
Building JavaScript applications today means that we take a step further from writing code. We use open-source dependencies, create a Dockerfile to deploy containers to the cloud, and orchestrate this infrastructure with Kubernetes. Welcome - you're a cloud native application developer! As developers, our responsibility has broadened, and more software means more software security concerns for us to address.
View Video

Take GitHub threats seriously: The largest code-sharing platform is extending your attack surface

Feb 1, 2023 By GitGuardian In GitGuardian
In 2021, GitGuardian scanned over 1 billion data points on GitHub.com, and the results were stunning. More than 6 million secrets – think API keys, database connection strings, and private certificates – were exposed on the platform! Even more striking is the share of secrets and sensitive data exposed on the personal repositories of developers or open-source projects, of which SecOps teams lack visibility and control.
View Video

Snyk Workflows - Basic Workflows (IDE & CLI)

Feb 1, 2023 By Snyk In Snyk
Snyk integrates with your IDEs, repos, workflows, and automation pipelines to add security expertise to your toolkit. The “menu” of options available to you is extensive, so we created this three-part series to get you started and running. The first session covers basic workflows in the IDE and CLI. You’ll learn to proactively plan how to leverage Snyk in different places and different ways. We will cover basic workflows and how to use them, as well as quick tips.
View Video
veracode

Quick Start Guide: Integrate Veracode in Your DevOps Pipeline

Jan 31, 2023 By Clint Pollock In Veracode

For today’s DevSecOps teams, the demands continue to intensify. Application portfolios and codebases continue to grow, while cyberattacks remain an ever-present danger. More than ever, it’s vital to ensure security gaps are identified and addressed with maximum speed and efficiency. In order to do this, you need to establish a continuous feedback loop on security threats, so you can realize optimized, sustained results – which is exactly how Veracode helps.

Read Post

Copyright © 2026 OpsMatters™. All rights reserved.