DevOps

DevOps Security Challenges and Best Practices

Apr 11, 2024 By Aranza Trevino In Keeper

Some of the challenges when adopting DevOps security, also known as DevSecOps, are placing too much focus on tools rather than processes, cultural resistance, weak access controls and poor secrets management. While implementing DevOps security comes with its challenges, there are several best practices organizations can follow to make its implementation as effective and seamless as possible, including proper change management, combating secrets sprawl and following the principle of least privilege.

Read Post

Keeper

Read more about DevOps Security Challenges and Best Practices

Tooltips and inlay hints for the OPA VS Code extension, powered by Regal

Apr 10, 2024 By Styra In Styra

Our DevRel guru Anders Eknert, and our eminent VP of Marketing, William Chia, talk about two new features in the OPA extension for VS Code — tooltips and inlay hints for built-in functions. Both provided by Styra's linter and language server for Rego, Regal.

View Video

Styra

Read more about Tooltips and inlay hints for the OPA VS Code extension, powered by Regal

Are you using JWTs safely in your app?

Apr 10, 2024 By Snyk In Snyk

⚒️ About Snyk ⚒️ Snyk helps you find and fix vulnerabilities in your code, open-source dependencies, containers, infrastructure-as-code, software pipelines, IDEs, and more! Move fast, stay secure.

View Video

Snyk

Read more about Are you using JWTs safely in your app?

OWASP Top 10 for LLM Applications: A Quick Guide

Apr 10, 2024 By AJ Starita In Mend

Published in 2023, the OWASP Top 10 for LLM Applications is a monumental effort made possible by a large number of experts in the fields of AI, cybersecurity, cloud technology, and beyond. OWASP contributors came up with over 40 distinct threats and then voted and refined their list down to the ten most important vulnerabilities.

Read Post

Mend

Read more about OWASP Top 10 for LLM Applications: A Quick Guide

User Rights Assignment - User rights, User wrongs

Apr 10, 2024 By Ben Balkin In CalCom

User rights permissions regulate access to computer and domain resources, with the ability to override permissions set on specific objects. Managed in Group Policy, each user right has a constant name as well as a Group Policy name associated with it. The constant names are used when referring to the user right in log events. In this section, they’re referred to as user rights, but they’re commonly known as privileges.

Read Post

CalCom

Read more about User Rights Assignment - User rights, User wrongs

How is policy as code enabling real time access management?

Apr 9, 2024 By Styra In Styra

View Video

Styra

Read more about How is policy as code enabling real time access management?

Top 3 JWT Security Best Practices for Your Apps

Apr 8, 2024 By Snyk In Snyk

Today we talk about how to secure your JWTs in app development. These are the 3 most important practices to keep your JWTs safe while coding applications!

View Video

Snyk

Read more about Top 3 JWT Security Best Practices for Your Apps

FIPS Compliant Algorithms for Encryption, Hashing, and Signing

Apr 8, 2024 By John Gates In CalCom

With the rise of cyber threats and the increasing volume of sensitive data being transmitted over networks, organizations must prioritize the use of cryptographic algorithms that meet stringent standards for security and reliability. One such standard is FIPS (Federal Information Processing Standards) compliance, which ensures that cryptographic algorithms adhere to the rigorous criteria set forth by the U.S. government.

Read Post

CalCom

Read more about FIPS Compliant Algorithms for Encryption, Hashing, and Signing

Seccomp internals deep dive - Part 1

Apr 8, 2024 By Amit Schendel In ARMO

Seccomp, short for Secure Computing Mode, is a noteworthy tool offered by the Linux kernel. It is a powerful mechanism to restrict or log the system calls that a process makes. Operating within the kernel, seccomp allows administrators and developers to define fine-grained policies for system call execution, enhancing the overall security posture of applications and the underlying system.

Read Post

ARMO

Read more about Seccomp internals deep dive - Part 1

What is ASPM - Application Security Posture Management Defined

Apr 5, 2024 By GitGuardian In GitGuardian

Welcome to our concise video on ASPM – Application Security Posture Management! In this brief 1-minute video, we unravel the complexities surrounding ASPM, shedding light on its crucial role in safeguarding digital assets and data integrity. ASPM serves as a comprehensive framework for assessing, monitoring, and enhancing the security posture of applications throughout their lifecycle. From development to deployment and beyond, ASPM empowers organizations to proactively identify and mitigate security risks, vulnerabilities, and compliance gaps.

View Video

GitGuardian

Read more about What is ASPM - Application Security Posture Management Defined

Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

DevOps

DevOps Security Challenges and Best Practices

Tooltips and inlay hints for the OPA VS Code extension, powered by Regal

Are you using JWTs safely in your app?

OWASP Top 10 for LLM Applications: A Quick Guide

User Rights Assignment - User rights, User wrongs

How is policy as code enabling real time access management?

Top 3 JWT Security Best Practices for Your Apps

FIPS Compliant Algorithms for Encryption, Hashing, and Signing

Seccomp internals deep dive - Part 1

What is ASPM - Application Security Posture Management Defined

Monthly Archive

Follow Us