Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

DevOps

CloudCasa Demo - How to Backup Kubernetes Persistent Volumes to CloudCasa

Jul 7, 2021 By CloudCasa In CloudCasa
Learn how to backup Kubernetes Persistent Volumes to protect your data from ransomware attacks and for disaster recovery. Not only can CloudCasa create and manage Persistent Volume (PV) snapshots for you, but now you can backup those snapshots to our secure cloud storage as well. Just choose the “Snapshot and copy to CloudCasa” option when you create a Kubernetes backup job and you can also add this option to existing jobs by editing them.
View Video
Snyk

Hardening AWS EKS security with RBAC, secure IMDS, and audit logging

Jul 7, 2021 By Kamil Potrec In Snyk

Misconfigurations in infrastructure as code (IaC) can be just as dangerous as vulnerabilities in code. Small mistakes in configuration can lead to the sensitive data being readable on the internet, or private endpoints and dashboard accessible to the anonymous users and abused as the initial point of compromise. Recent security research findings indicate the rise in malware targeting the Kubernetes platform which showcases the need for secure configuration.

Read Post
CloudCasa

Azure Cloud Storage, PV Backups, and Ransomware Protection with New CloudCasa Release

Jul 7, 2021 By Katina Kozlowski In CloudCasa

CloudCasa is a simple, scalable, and inexpensive cloud backup service for protecting your Kubernetes and cloud native applications. We worry about protecting your Kubernetes environment so that you don’t have to! Since the introduction of CloudCasa in November of last year, we’ve been making improvements and adding new features at a steady rate. The CloudCasa team has been very busy this spring, and we’re now pleased to announce yet another major release of new service features!

Read Post

Use the Jenkins Credentials Binding Plugin to Protect Your Veracode Credentials

Jul 6, 2021 By Veracode In Veracode
In this video, you will learn how to: You can use the Jenkins Credentials Binding Plugin to hide your Veracode API credentials from the Jenkins interface and logs. You use the plugin to associate, or bind, your Veracode API credentials to environment variables and save them to the Jenkins credentials store. During a build, Jenkins uses the environment variables to secretly access your credentials. The Jenkins interface and logs only show the bound environment variables.
View Video

JFrog And Red Hat DevSecOps Security Series

Jul 6, 2021 By JFrog In JFrog
Accurately detecting and mitigating security vulnerabilities is critical for any enterprise. JFrog’s ongoing collaboration with Red Hat provides the DevOps community with enterprise-grade DevSecOps capabilities, enabling you to deliver high-quality, and more secure software, anywhere. As part of the Red Hat DevSecOps Security Series, Join us on July 1st for JFrog & Red Hat’s perspective on application analysis and how JFrog’s recently achieved Vulnerability Scanner Certification helps identify vulnerabilities in applications, images and configurations early in your lifecycle.
View Video
Snyk

Tips and best practices for building secure container images

Jul 6, 2021 By Matt Jarvis In Snyk

When you start scanning your container images, it can be disconcerting to discover that you have large numbers of vulnerabilities. Below is a scan I did last week on a vulnerable node image that I built. While a fairly extreme example, you can see that this image out of the box is showing as having over 800 vulnerabilities in it.

Read Post

Learning application security by finding and fixing insecure code in OWASP NodeGoat

Jul 6, 2021 By Snyk In Snyk
Wouldn't it be great if we, developers, learn about application security by training on purposely-built vulnerable applications rather than finding our mistakes in production? Yes, we think so too. In this session, we welcome Priscila Oliveira, Software Engineer at Sentry and core contributor of open source npm proxy project Verdaccio, to chat about her appsec experiences as developer, and learn together about secure coding practices, how to hack a live application, open source vulnerabilities and how to fix them.
View Video
armo

Networking with a Service Mesh: Use Cases, Best Practices, and Comparison of Top Mesh Options

Jul 4, 2021 By Amir Kaushansky In ARMO

Service mesh technology emerged with the popularization of microservice architectures. Because service mesh facilitates the separation of networking from the business logic, it enables you to focus on your application’s core competency. Microservice applications are distributed over multiple servers, data centers, or continents, making them highly network dependent.

Read Post
calligo

Calligo wins at the DevOps Excellence Awards 2021

Jul 1, 2021 By Will Gardiner In Calligo

Calligo wins ‘Best DevOps Transformation’ up against a heavyweight shortlist including IBM, Infosys, Sky, Accenture and Telefonica. Computing’s annual DevOps Excellence Awards aim to recognise and celebrate the best DevOps deployments, teams, outcomes and impacts in business over the last 12 months. Calligo was shortlisted in the Best DevOps Transformation category, alongside such industry heavyweights as IBM, Infosys, Sky, Accenture and Telefonica.

Read Post
Snyk

Talking visibility, scalability, and relationships in secure development with Phil Guimond of ViacomCBS

Jul 1, 2021 By Simon Maple In Snyk

I recently caught up with Phil Guimond, Principal Cloud Security Architect at ViacomCBS. He describes his role as a fancy way of saying he likes to be involved in All The Things™. This includes cloud security and architecture, application security, penetration testing, and digital forensics and incident response, and even vendor reviews and risk management from time to time. He works in a very cross-functional team. We had a great discussion, and I wanted to share it with all of you.

Read Post

Copyright © 2024 OpsMatters™. All rights reserved.