Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

[Webinar] DevOps backups vs. ransomware - best security and compliance practices.

Oct 11, 2022 By GitGuardian In GitGuardian
Ransomware is still on the rise and does not bypass DevOps ecosystems and SaaS services. Backup is the final line of defense against ransomware so it should be ransomware-proof itself. Join the webinar and check on how to ensure security and continuity of operations in your DevOps environments.
View Video

[Webinar] DevSecOps - A DevSecOps Maturity Model for Secrets Management

Oct 10, 2022 By GitGuardian In GitGuardian
Listen to experts from KuppingerCole Analysts and GitGuardian as they discuss security vulnerabilities in DevOps environments, which are often due to a lack of visibility and control of widely distributed secrets such as API keys, database passwords, cloud access keys, certificates, SSH keys, and service account passwords, leaving millions of credentials exposed.
View Video

The Uber Hack - A step by step breakdown of the 2022 Uber data breach

Oct 7, 2022 By GitGuardian In GitGuardian
On September 15th Uber suffered a significant breach. In this video, we will break down exactly how Uber was breached from initial access to how the attacker moved laterally into different internal systems of Uber. What happened? Here’s what we know so far, pending investigation and confirmation from Uber’s security teams.
View Video

#DevOpsSpeakeasy at #devoxxMA 2022 with Carlos Sanchez @csanchez

Oct 6, 2022 By JFrog In JFrog
In this interview, we speak with Carlos Sanchez @csanchez Senior Cloud Software Engineer at Adobe, member at the Apache Software Foundation, author of Jenkins Kubernetes plugin about Kubernetes!! How moving to Kubernetes opens the door to a world of possibilities, the amount of workloads that can be run and the flexibility it provides. However this comes at a cost on managing the resources used by many applications and teams. Java applications can be specially challenging when running in containers.
View Video
teleport

Securely Implementing IdP-initiated SAML2 Login

Oct 6, 2022 By Joel Wejdenstål In Teleport

Security Assertion Markup Language 2.0, or more commonly known as SAML in the industry, is one of the most used protocols for single-sign-on on the modern web. It allows an application like Teleport to communicate with an upstream identity provider like Okta or Google Workspace to securely get trusted information about users when they log in, removing the need for sign-ups, log-ins and tying identities to people inside the application.

Read Post
styra

What Is RBAC? Examples, Benefits and Implementation

Oct 5, 2022 By Danny Baier In Styra

Access control is a key component of security programs, since it regulates who or what can access data and resources within an organization’s systems. Granting access only to authorized users prevents data breaches and malicious attacks and is a good way to practice the security principle of least privilege. This article focuses on RBAC, a type of access control, and its benefits and implementation.

Read Post

Stranger Danger: Your JavaScript Attack Surface Just Got Bigger

Oct 5, 2022 By Snyk In Snyk
Building JavaScript applications today means that we take a step further from writing code. We use open-source dependencies, create a Dockerfile to deploy containers to the cloud, and orchestrate this infrastructure with Kubernetes. Welcome - you're a cloud native application developer! As developers, our responsibility has broadened, and more software means more software security concerns for us to address.
View Video

How to hack a vulnerable OWASP Node.js apps: Part 2 | Snyk

Oct 5, 2022 By Snyk In Snyk
How to hack a vulnerable OWASP Node.js Apps We are back with part 2 of this livestream. Join us as we demonstrate how you can use the Node.js app. We also show the various ways it can be hacked so you can learn how to prevent it. Didn't catch the live stream? Ask all of your Snyk questions and we’ll do our very best to answer them in the comment section.
View Video

Snyk and HashiCorp: The Snyk IaC Integration With HashiCorp Terraform Cloud and Terraform Enterprise

Oct 4, 2022 By Snyk In Snyk
In this video, learn about the Snyk IaC integration with HashiCorp Terraform Cloud and Terraform Enterprise, which enable developers to automate security checks and ensure public cloud environments are secure and compliant pre-deployment — directly in their Terraform Cloud pipelines.
View Video
mend

Six Golden Rules for Software and Application Security

Oct 4, 2022 By Daniel Elkabes In Mend

October is Cybersecurity Awareness Month, established back in 2004 by the Office of the U.S. President and the U.S. congress. Led by the Cybersecurity and Infrastructure Security Agency (CISA) and the National Cybersecurity Alliance (NCA), the initiative helps both individuals and enterprises make smarter, more informed security decisions.

Read Post

Copyright © 2026 OpsMatters™. All rights reserved.