DevOps

License Compatibility: Combining Open Source Licenses

Aug 13, 2020 By Ayala Goldstein In Mend

Free and open source software (FOSS) components have become the basic building blocks of our software products, helping today’s developers build and ship innovative products faster than ever before. Many developers tend to forget that while open source licenses are free, they still come with a set of terms and conditions that users must abide by.

Read Post

Mend

Read more about License Compatibility: Combining Open Source Licenses

Integrating the Risk Management Framework (RMF) with DevOps

Aug 13, 2020 By Anastasios Arampatzis In Tripwire

Information security should be at the heart of every system launched. In accordance with the Federal Information Security Management Act (FISMA), an information technology system is granted an Authority to Operate (ATO) after passing a risk-based cybersecurity assessment.

Read Post

Tripwire

Read more about Integrating the Risk Management Framework (RMF) with DevOps

SSH vs. kubectl exec

Aug 12, 2020 By Andrew Lytvynov In Teleport

Let’s have a look at two popular ways of opening remote shells: the good ol’ ssh and its modern counterpart, kubectl exec. Below, I will only look at the “kubectl exec” subcommand and its friends. kubectl itself is a swiss-army knife for all things Kubernetes. Comparing all of it to ssh is like comparing systemd to BSD init. Also, I will use “SSH” to mean “OpenSSH”, which is the de-facto standard for SSH protocol implementation.

Read Post

Teleport

Read more about SSH vs. kubectl exec

Nearly 50 Percent of Organizations Knowingly Push Vulnerable Software, According to New Research from ESG and Veracode

Aug 11, 2020 By Veracode In Veracode

New study finds DevOps integration and developer enablement crucial to success of AppSec programs.

Read Post

Veracode

Read more about Nearly 50 Percent of Organizations Knowingly Push Vulnerable Software, According to New Research from ESG and Veracode

How To Use Teleport: Using GitHub for Single Sign On (SSO)

Aug 6, 2020 By Teleport In Teleport

This video walks though how to set up Teleport to use GitHub for Single Sign On.

View Video

Teleport

Read more about How To Use Teleport: Using GitHub for Single Sign On (SSO)

How OIDC Authentication Works

Aug 6, 2020 By Virag Mody In Teleport

Did you know that in the United States, the Social Security Number was never intended to become the defacto method for physical identification? On its surface, this may come as a shock given how ubiquitously SSNs are used for this exact reason, but looking beneath the surface, we find that SSNs are terrible forms of identification. Ignoring the security concerns of a nine digit numeric code, an SSN is not for universal identification.

Read Post

Teleport

Read more about How OIDC Authentication Works

Why You Need an Open Source Vulnerability Scanner

Aug 6, 2020 By Julie Peterson In Mend

No one wants to be the next Equifax. Just thinking about their company’s name being in a headline along with the words “security breach” is enough to keep CISOs up at night. Much like Fight Club, however, the first rule of data breaches is: You do not talk about security breaches...unless you’re mandated by notification laws like GDPR. Even though organizations don’t reveal much publicly, their concern is reflected in the amount of money spent to prevent cyber attacks.

Read Post

Mend

Read more about Why You Need an Open Source Vulnerability Scanner

Authentication vs. Authorization: Why we need authorization standards

Aug 6, 2020 By Bill Mann In Styra

I witnessed the transition from bespoke authentication to standards-based authentication. It’s time to do the same for authorization. Twenty years ago, almost everything in the IT world was on-premises: hardware and software, including the tools you used to verify who your users were and what they could do in your systems.

Read Post

Styra

Read more about Authentication vs. Authorization: Why we need authorization standards

Webinar | Best Practices for Auditing K8s | Gravitational | Ev Kontsevoy | Andrew Lytvynov

Aug 5, 2020 By Teleport In Teleport

In this webinar, Ev and Andrew have a conversation about auditing kubernetes, what those logs might look like in a platform like Sumo Logic, and what added benefits one could receive from using a secure access tool like Teleport for audit logs and alerts.

View Video

Teleport

Read more about Webinar | Best Practices for Auditing K8s | Gravitational | Ev Kontsevoy | Andrew Lytvynov

Azure DevOps vs GitHub

Aug 5, 2020 By UpGuard Team In UpGuard

When it comes to modern software development, collaboration is the name of the game; to this end, development teams have more than ample selection of tools at their disposal these days.

Read Post

UpGuard

Read more about Azure DevOps vs GitHub

Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

DevOps

License Compatibility: Combining Open Source Licenses

Integrating the Risk Management Framework (RMF) with DevOps

SSH vs. kubectl exec

Nearly 50 Percent of Organizations Knowingly Push Vulnerable Software, According to New Research from ESG and Veracode

How To Use Teleport: Using GitHub for Single Sign On (SSO)

How OIDC Authentication Works

Why You Need an Open Source Vulnerability Scanner

Authentication vs. Authorization: Why we need authorization standards

Webinar | Best Practices for Auditing K8s | Gravitational | Ev Kontsevoy | Andrew Lytvynov

Azure DevOps vs GitHub

Monthly Archive

Follow Us