DevOps

N-Day Hijack: Analyzing the lifespan of package hijacking attacks

Dec 14, 2023 By Yair Mizrahi In JFrog

Software package hijacking has become a prominent concern for individuals, businesses, and the cybersecurity community at large. We’ve seen this new threat trend rise over the past couple of years, with the potential to severely impact the software supply chain by attackers exploiting software packages to execute malicious code. This blog post details a case study conducted by our security research team, in an effort to trace the typical time before a package hijack is detected.

Read Post

JFrog

Read more about N-Day Hijack: Analyzing the lifespan of package hijacking attacks

Is Santa an insider threat?

Dec 14, 2023 By Ben Arent In Teleport

Is Santa an insider threat? He breaks into your home, consumes cookies, drinks milk/whisky and leaves a collection of items hidden behind highly decorated wrapping paper. Rumor has it that he can tell if you’re naughty or nice and is actively tracked by NORAD. Can we trust Santa with his elevated access? The answer is, of course, Yes, because we are all Santa. Santa is ultimate trusted Certificate Authority, entrusting intermediate trust to parents worldwide.

Read Post

Teleport

Read more about Is Santa an insider threat?

Managing Multi Account AWS Console and CLI Access with Teleport

Dec 14, 2023 By Teleport In Teleport

Are you using multiple AWS accounts to separate your environments like many of the engineering teams we work with? If you are, you may be looking for a better way to access those accounts. Join us for a session, in which Nivathan Somasundharam, Implementation Engineer at Teleport, and Ashok Mahajan, Senior Partner SA at AWS, discuss some common challenges that arise when using multiple AWS accounts to separate cloud environments and how to use Teleport to solve these issues. Some of the most common issues people face include.

View Video

Teleport

Read more about Managing Multi Account AWS Console and CLI Access with Teleport

Ethical Hacking Q&A

Dec 14, 2023 By GitGuardian In GitGuardian

Join Mackenzie Jackson and Sonya Moisset for the Q&A segment of their Ethical Hacking Webinar.

View Video

GitGuardian

Read more about Ethical Hacking Q&A

Why Velero Need A Multi-Cluster Manager

Dec 14, 2023 By CloudCasa In CloudCasa

To learn more about Multi-Cluster Manager for Velero, you can visit
https://cloudcasa.io/solutions/velero-backup/

And you can subscribe to our newsletter here:
https://cloudcasa.io/newsletter-landing-page/

View Video

CloudCasa

Read more about Why Velero Need A Multi-Cluster Manager

Introducing Snyk AppRisk Essentials

Dec 12, 2023 By Snyk In Snyk

Snyk AppRisk Essentials is Snyk’s first ASPM offering, designed to help AppSec teams boost their Snyk-based developer security program. The solution helps Snyk customers automatically discover the different assets used to build their applications, manage coverage to ensure these assets are being secured properly by Snyk, and better prioritize issues based on the risk they pose to the business.

View Video

Snyk

Read more about Introducing Snyk AppRisk Essentials

Six More Top Tips For Holistic AppSec and Software Supply Chain Security

Dec 12, 2023 By Sam Quakenbush In Mend

In my previous post, I began to list the ways you can strengthen your security posture, with some holistic approaches to application security and the software supply chain. In this second part of the series, let’s look at six more important considerations.

Read Post

Mend

Read more about Six More Top Tips For Holistic AppSec and Software Supply Chain Security

Best Practices from DevSecOps Experts

Dec 11, 2023 By JFrog In JFrog

We share JFrog's view on our own SSC security and share some best practices we use within our own organization.

View Video

JFrog

Read more about Best Practices from DevSecOps Experts

Developer Wish List for CSO / CISO

Dec 11, 2023 By JFrog In JFrog

Moran answers the question, "If you were a Developer today, what do you think you'd want to hear from your CISO and CSO?".

View Video

JFrog

Read more about Developer Wish List for CSO / CISO

Common assumption they make

Dec 11, 2023 By JFrog In JFrog

Common assumptions Developers tend to make around security today, that could be untrue. We unpack some of these assumptions and different way to view it that helps them adopt a security mindset and make their lives easier.

View Video

JFrog

Read more about Common assumption they make

Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

DevOps

N-Day Hijack: Analyzing the lifespan of package hijacking attacks

Is Santa an insider threat?

Managing Multi Account AWS Console and CLI Access with Teleport

Ethical Hacking Q&A

Why Velero Need A Multi-Cluster Manager

Introducing Snyk AppRisk Essentials

Six More Top Tips For Holistic AppSec and Software Supply Chain Security

Best Practices from DevSecOps Experts

Developer Wish List for CSO / CISO

Common assumption they make

Monthly Archive

Follow Us