Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

GitHub Actions has made it easier than ever to build a secure continuous integration and continuous delivery (CI/CD) pipeline for your GitHub projects. By integrating your CI/CD pipeline and GitHub repository, GitHub Actions allows you to automate your build, test, and deployment pipeline. You can create workflows that build and test every pull request to your repository or deploy merged pull requests to production.

One of the selling points of cloud computing is the ability to quickly spin up new machines as needed. Unfortunately, this means that cloud environments grow very complex, very quickly – and manually updating configuration files to add new instances gets really old, really fast. It’s easy to make a mistake, which inhibits productivity and causes security issues, especially when accessing machines remotely.

With Kubernetes adoption continuing to rise, we've seen multiple studies add to the growing body of research for enterprise K8s deployments this past year. Companies leveraging managed services and packaged platforms drive much of the continued growth in adoption. An annual study conducted by the Cloud Native Computing Foundation (CNCF) found that 96% of organizations surveyed are either using or evaluating K8s currently.

X.509 is the first thing that comes to mind when discussing digital certificates. After all, it is the most widely used digital certificate in the PKI ecosystem and is the core component of SSL/TLS protocols, the technology that powers HTTPS. X.509 was first released on 25 November 1988 and is powerful, extensible and widely supported. But it's not the only certificate format available out there. For example, the popular email encryption program PGP uses a custom certificate format instead of X.509.

The National Security Agency (NSA) and partner cybersecurity authorities recently released an information sheet recommending proper configuration and monitoring of PowerShell, as opposed to removing or disabling PowerShell entirely. PowerShell is a built-in scripting language and a command-line executor developed by Microsoft to provide a better interface for system administrators to simplify and automate administrative tasks.

If your organization develops software and applications to deliver products and solutions, then more than likely you’re using third-party open source components to help create them. According to most estimates, open source components now make up over 80 percent of software products.