Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Best Practices: Onboarding Jfrog Xray

Sep 30, 2020 By JFrog In JFrog
JFrog Xray is a Software Composition Analysis tool (SCA) which is tightly integrated with JFrog Artifactory to ensure security and compliance governance for the organization binaries throughout the SDLC. This video provides best practices learned from customers for successfully deploying JFrog Xray into your organization and performing a real Shift-Left. It will focus on two keys to success, 1. involving R&D and 2. starting small and working in cycles.
View Video

iDevNews Application Architecture Summit 2020 | RBAC for SSH and Kubernetes Access with Teleport

Sep 28, 2020 By Teleport In Teleport
Enterprises are best served by leveraging an RBAC system to manage access to their SSH and Kubernetes resources. With Teleport, an open source software, employers are able to provide granular access controls to developers based on the access they need and when they need it. This makes it possible for employers to maintain secure access without getting in the way of their developers’ daily operations. Join Steven Martin, Solution Engineer at Gravitational, as he demonstrates how to assign access to developers and SRE’s across environments with Teleport through roles mapped from enterprises’ identity providers or SSOs.
View Video

Demo | Access Workflow Integration Using Pager Duty | Privileged Access Management | Teleport

Sep 26, 2020 By Teleport In Teleport
Teleport allows you to implement industry-best practices for SSH and Kubernetes access, meet compliance requirements, and have complete visibility into access and behavior. But invariably, change happens. Teleport allows users to request elevated privileges in the middle of their command-line sessions and create fully auditable dynamic authorizations . These requests can be approved or denied in PagerDuty or anywhere else via a flexible Authorization Workflow API.
View Video
mend

Black Box Testing: What You Need to Know

Sep 24, 2020 By Patricia Johnson In Mend

Today’s software development life cycle includes a variety of quality and security testing techniques at every stage. Frequent testing throughout the DevOps pipeline is imperative considering the ever-increasing pace of development. One of the most common testing methods that companies use to ensure the products they are pushing out are secure and high-quality is black box testing.

Read Post
styra

API Authorization at the Gateway with Apigee, Okta and OPA (Part 1)

Sep 24, 2020 By Ash Narkar In Styra

API gateways have become a standard component in modern application architectures. The gateway exposes application APIs to the Internet and serves as a logical place to enforce policy. This is a two-part series about enforcing API authorization policies in Apigee with Okta as the identity provider (IdP).

Read Post

Escape The Ticketing Turmoil | Slack/PagerDuty Integrations | Teleport Workflow API

Sep 23, 2020 By Teleport In Teleport
Teleport allows you to implement industry-best practices for SSH and Kubernetes access, meet compliance requirements, and have complete visibility into access and behavior. But invariably, change happens. Teleport allows users to request elevated privileges in the middle of their command-line sessions and create fully auditable dynamic authorizations. These requests can be approved or denied via ChatOps in Slack, in PagerDuty, or anywhere else via a flexible Authorization Workflow API.
View Video
outpost 24

Container inspection: walking the security tight rope for cloud DevOps

Sep 23, 2020 By Sergio Loureiro In Outpost 24

Containers have become very popular with DevOps as a way to increase speed and agility. However, with recent reports of hackers utilizing vulnerabilities in Docker container images to compromise hosts and launch malicious containers – how can we identify this at the time of development to prevent security costing us later?

Read Post

SKILup Day DevSecOps | How To Securely Access Compute Resources In Cloud Environments | Virag Mody

Sep 22, 2020 By Teleport In Teleport
Virag Mody, Technical Writer for Gravitational gave a concise talk on Infrastructure Security best practices for SKILupDays DevSecOps 2020. In the talk he covers why certificate authorities are so important, and what individuals can do to create a more secure infrastructure access process.
View Video
mend

Top 7 Questions to Ask When Evaluating a Software Composition Analysis Solution

Sep 17, 2020 By Julie Peterson In Mend

Your open source usage is out of control. Sure, it’s helping you develop your product faster and getting new releases out the door in days instead of months, but now your code base is made up of 60% or more open source components. And that percentage is only growing. The application layer continues to be the most attacked, so you know you need to stay on top of vulnerabilities.

Read Post

Webinar | Industry Best Practices for SSH Access | Teleport | How To

Sep 14, 2020 By Teleport In Teleport
We've all used SSH dozens of times, but do we really understand how to SSH properly? Using such a powerful tool can come with a lot of risks, especially when we're on highly distributed teams with well-trodden workflows that can be tough to change. In an era of sophisticated phishing attacks and threats always knocking at our doors, we could all use a little help with making sure our infrastructure is as secure as it can be.
View Video

Copyright © 2026 OpsMatters™. All rights reserved.