Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

DevOps

Snyk

Snyk Maven plugin: Integrated security vulnerability scanning for developers

Apr 20, 2021 By Brian Vermeer In Snyk

Maven is the most commonly used build system in the Java ecosystem, and it has been for many years. Building your application with Maven is easy since it takes care of many things for you. In different phases of the Maven lifecycle, it handles things like: With Maven, the development lifecycle happens the same way on every machine for every developer on the team, as well as within the CI pipeline.

Read Post
armo

The K8s network (security) effect

Apr 20, 2021 By Amir Kaushansky In ARMO

Around 20 years ago I had the privilege of joining a young company that invented the Firewall – Check Point. I learned most of my networking knowledge and skills at Check Point and, at that time, I was involved in the high end, rapidly evolving internet. This might be the reason why I truly believe that network security must be a layer in the overall security strategy. A few years ago, I came back to Check Point as a cloud security product manager.

Read Post
Featured Post
outpost 24

4 ways Security and DevOps can collaborate to reduce application vulnerabilities

Apr 19, 2021 By Simon Roe In Outpost 24
Today's organisations are operating in a digital landscape filled with complexities and vulnerabilities. Increasingly, the applications and technologies businesses use to facilitate crucial business operations and connect people are at the mercy of cybercriminals - who are eager to attack from the shadows exploiting and stealing sensitive information held within these everyday applications. As such, security and DevOps teams need a collaborative approach to address and triage application vulnerabilities that continually present themselves - despite each team having different overall objectives.
Read Post
Snyk

Code Dx 5.3 integrates with Snyk for comprehensive vulnerability management

Apr 19, 2021 By Utsav Sanghani In Snyk

The Code Dx team is pleased to announce the general availability (GA) of Code Dx 5.3, which notably features an integration with Snyk to help customers integrate open source and container security into their continuous development processes. As we move toward a cloud native world, we’re working to ensure that developer-first tooling, secure cloud infrastructure, container security, and open source tools are fully integrated into Code Dx 5.3.

Read Post
veracode

DevSecOps in Practice: How to Embed Security into the DevOps Lifecycle

Apr 19, 2021 By Veracode In Veracode

You’ve heard of DevOps. And by now, you’ve probably also heard of DevSecOps, which extends DevOps principles into the realm of security. In DevSecOps, security breaks out of its “silo” and becomes a core part of the DevOps lifecycle. That, at least, is the theory behind DevSecOps. What’s often more challenging for developers to figure out is how to apply DevSecOps in practice. Which tools and processes actually operationalize DevSecOps?

Read Post
styra

5 OPA Deployment Performance Models for Microservices

Apr 15, 2021 By Anders Eknert In Styra

If you’re responsible for a microservices app, you may be familiar with the idea of a “latency budget.” This is the maximum latency, measured as total request time, that you need for the app to work, in order to meet your SLAs and keep stakeholders happy. For a stock trading or financial services app, this budget might be the barest of microseconds.

Read Post

Kubernetes Quick Hits: SecurityContext and why not to run as root

Apr 15, 2021 By Snyk In Snyk
In this, the first of our series of our Kubernetes Quick Hits videos, Eric Smalling–Sr. In less than five minutes, you understand why you need to *not* run your containers as root and what to do about it if you are. Snyk helps software-driven businesses develop fast and stay secure. In addition to container security scans, Snyk can continuously monitor to find and fix vulnerabilities for npm, Maven, NuGet, RubyGems, PyPI and more.
View Video

Secure Coding with IntelliJ

Apr 15, 2021 By Snyk In Snyk
How can I do security in IntelliJ? Is there a security code scanner for IntelliJ? How can I test for security in Java? Is there a Snyk plug-in for IntelliJ? Make sure to subscribe so you don't miss new content! We know that IntelliJ IDEA is the most favorite and commonly used IDE in the Java landscape and a lot of developers practically live in their integrated development environment (IDE). A good IDE is like a swiss army knife; it is your go-to tool to do almost everything. Let’s see how we can integrate security and secure development into IntelliJ IDEA using this new Snyk plugin.
View Video

Copyright © 2024 OpsMatters™. All rights reserved.