Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

DevOps

teleport

Device Trust for the Web: The Hard Parts

Jul 22, 2024 By Alan Parra In Teleport
At Teleport we solve a wide range of problems: letting our customers access their infrastructure remotely without passwords or shared secrets, replacing shared credentials in CI/CD workloads with mTLS, and eliminating the need for VPNs to enable Just-In-Time Access to web apps, cloud consoles, databases, and more. Device trust was the last missing piece in replacing VPNs, as they offer a powerful feature letting customers pin access to specific networks.
Read Post

4 Hidden AI Coding Risks and How to Address Them

Jul 22, 2024 By Snyk In Snyk
96% of developers and security professionals out there are using AI coding tools today like ChatGPT and GitHub Copilot. But they are forgetting one thing. Is that generated code safe and secure? Today, we're taking a look at four hidden risks of AI-generated code and how you can protect your projects from these pitfalls.
View Video
CalCom

Understanding Structured Exception Handling Overwrite Protection (SEHOP)

Jul 21, 2024 By Ben Balkin In CalCom
Structured Exception Handling Overwrite Protection (SEHOP) is a security safeguard setting within Windows designed to prevent malicious actors from exploiting the Structured Exception Handler (SEH) overwrite. By preventing this exploit, SEHOP helps to ensure programs run smoothly and securely. Structured Exception Handler(SEH) is a mechanism within software that’s responsible to keep the program running smoothly in the event of an error.
Read Post

Find And Remediate Secrets In Confluence Cloud With GitGuardian

Jul 19, 2024 By GitGuardian In GitGuardian
Good news! GitGuardian can now help you find and remediate secrets exposed in Confluence Cloud. We have helped thousands of teams remediate plaintext secrets in their codebases and tools like Jira and Slack. Now, we have extended the real-time detection capability of our platform to cover this popular wiki, collaboration, and knowledge-sharing platform. Once integrated, GitGuardian will alert you about plaintext credentials is accidentally posted to Confluence Cloud spaces, pages, blogs, and comments.
View Video
CalCom

Fix CrowdStrike's BSOD with Hardening

Jul 19, 2024 By John Gates In CalCom
CrowdStrike, is a prominent cybersecurity technology company that provides security services for endpoints, cloud workloads, identity, and data. They are well-known for their Falcon Sensor Software designed to protect against cyberattacks. On Thursday, July 18 2024 there was a crash on Microsoft systems related to an update in Falcon Sensor software. This update involved a single file that added extra logic for detecting bad actors.
Read Post
mend

SAST - All About Static Application Security Testing

Jul 18, 2024 By AJ Starita In Mend
Updated on 07/18/2024 Static Application Security Testing (SAST) has been a central part of application security efforts for more than 15 years. According to the Crowdstrike 2024 State of Application Security Report, eight out of the top 10 data breaches of 2023 were related to application attack surfaces, so it’s safe to say that SAST will be in use for the foreseeable future.
Read Post
armo

eBPF use cases

Jul 18, 2024 By Oshrat Nir In ARMO
What is eBPF and how can it be used within the Kubernetes environment? In the dynamic world of container orchestration, where speed and adaptability are a must, eBPF, short for Extended Berkeley Packet Filter, has changed how developers interact with kernels within Kubernetes environments. At its core, eBPF crosses traditional boundaries, offering a programmable and secure in-kernel execution environment that empowers developers to use custom code without the need for modifications to the kernel itself.
Read Post

Copyright © 2024 OpsMatters™. All rights reserved.