%term

Customer Office Hours: CI/CD Best Practices

Dec 9, 2022 By Snyk In Snyk

Learn tips and tricks on how to implement, troubleshoot and scale deployments. For example, should you scan in the CICD or in SCM? What implementation methods should you use - plugin, npm, binary…? We will cover this and more. Host: Sebastian Roth, Senior Solutions Engineer Seb brings his expertise as a Principal Software Engineer & Team Lead for over 17 years into the DevSecOps community, where he now focuses on process improvements and shares best-practices to improve security posture.

View Video

Snyk

Read more about Customer Office Hours: CI/CD Best Practices

[NEW] Kubescape now integrates with GitHub Actions

Dec 8, 2022 By ARMO In ARMO

We are happy to announce that Kubescape now integrates with GitHub Actions. This allows users to identify issues as early and as clearly as possible, without ever leaving GitHub. Read all about it 👇

Read Post

ARMO

Read more about [NEW] Kubescape now integrates with GitHub Actions

Renovate Reaches 10K!

Dec 8, 2022 By Carol Hildebrand In Mend

First started as an open-source project in 2018, Mend Renovate automates open source dependency updates in software projects. Renovate has enabled a diverse user base across github.com and gitlab.com, reducing risk by mitigating security vulnerabilities and saving developers’ time. Renovate is now endorsed by OpenSSF and Google as the industry standard tool for dependency updates.

Read Post

Mend

Read more about Renovate Reaches 10K!

Dynamic Authorization with Policy-Based Access Management

Dec 8, 2022 By Jeff Broberg In Styra

Traditional or static authorization methods no longer meet the demands of today’s digital business environment. Data breaches are on the rise (a 23% increase in 2021, as per the Identity Theft Resource Center), forcing organizations to re-evaluate their security and compliance practices.

Read Post

Styra

Read more about Dynamic Authorization with Policy-Based Access Management

How Integrating with GCP Benefits Kubernetes Data Protection and Data Migration for GKE

Dec 8, 2022 By Ayushi Raj In CloudCasa

TFiR has produced its brand-new video show called Let’s See. This is the first time that TFiR has come up with a demo show where we will get to see how some of the technologies and products work.

Read Post

CloudCasa

Read more about How Integrating with GCP Benefits Kubernetes Data Protection and Data Migration for GKE

Getting Started using Maven and Bytesafe

Dec 8, 2022 By Bytesafe In Bytesafe

This video shows you how to use Maven and Bytesafe to install secure packages.

View Video

Bytesafe

Read more about Getting Started using Maven and Bytesafe

Risks Faced by Cloud-Native Apps and How to Assess Them

Dec 7, 2022 By Omer Dahan In Mend

Modern organizations are adopting a cloud-native approach to their application development. While this approach provides many benefits, it also makes organizations face several challenges, including the challenge of securing the application with a completely different approach. In this blog, we will discuss how software changes and how organizations should think about securing it.

Read Post

Mend

Read more about Risks Faced by Cloud-Native Apps and How to Assess Them

How to Sign Kubernetes using Sigstore

Dec 7, 2022 By Snyk In Snyk

In this livestream we are joined by Adolfo Veytia, Staff Software Engineer at ChainGuard and Tech Lead on the Kubernetes SIG-Release team, as we talk about they were able to tackle signing all of the Kubernetes v1.24 image artifact using Sigstore. We then demonstrate signing an image and vulnerability scan result attestations with Sigstore's cosign utility. Didn't catch the live stream? Ask all of your Snyk questions and we’ll do our very best to answer them in the comment section.

View Video

Snyk

Read more about How to Sign Kubernetes using Sigstore

What is RBAC vs ABAC vs PBAC?

Dec 7, 2022 By Sean Roth In Styra

Setting employee controls for IT to manage is the biggest challenge to cloud-native expansion, according to 64% of the developers surveyed in our 2022 Cloud-Native Alignment report.

Read Post

Styra

Read more about What is RBAC vs ABAC vs PBAC?

A Busy Weekend for npm Attacks, Including 'cors' Typosquatting

Dec 6, 2022 By Tamir Ben Ari In Mend

‘Tis the season for a busy weekend of software supply chain attacks. Over the past three days, the Mend research team identified two separate attacks that published malicious packages to npm. Mend Supply Chain Defender quickly identified the malicious code; the owners were notified, and the packages were removed. That does not fully remove the risk, however. The first package has 9.5 million downloads, while account CI keys were compromised in the second, which can cause significant damage.

Read Post

Mend

Read more about A Busy Weekend for npm Attacks, Including 'cors' Typosquatting

Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Customer Office Hours: CI/CD Best Practices

[NEW] Kubescape now integrates with GitHub Actions

Renovate Reaches 10K!

Dynamic Authorization with Policy-Based Access Management

How Integrating with GCP Benefits Kubernetes Data Protection and Data Migration for GKE

Getting Started using Maven and Bytesafe

Risks Faced by Cloud-Native Apps and How to Assess Them

How to Sign Kubernetes using Sigstore

What is RBAC vs ABAC vs PBAC?

A Busy Weekend for npm Attacks, Including 'cors' Typosquatting

Monthly Archive

Follow Us