Kubescape: the 1st open-source project to support VEX Generation
Guest post originally published on Kubescape’s blog by Oshrat Nir, Developer Advocate at ARMO and a Kubescape contributer.
Security | Threat Detection | Cyberattacks | DevSecOps | Compliance
The Latest Cybersecurity News & Insights From Around The World
DevOps
IP Allowlisting for GitGuardian Honeytoken Events!
Do you want to prevent specific IP addresses from triggering your GitGuardian Honeytokens? GitGuardian now lets you add IP ranges to an allow list, preventing those addresses from causing a new alert and helping you reduce false positives, while still protecting your code and environments.
Six Top Tips For Holistic AppSec and Software Supply Chain Security
Developing applications and working within the software supply chain requires hard skills such as coding and proficiency in programming languages. However, protecting the software supply chain also requires some softer skills and an openness to strategies and tools that will strengthen your security posture. In this two-part series, we will discuss these considerations and how they support a holistic approach to application security and software supply chain security.
Parallel Testing Unleashed: 10 Tips to Turbocharge Your DevOps Pipeline
Every software team is constantly looking for ways to increase their velocity. DevOps has emerged as a leading methodology that combines software development and IT operations to shorten the system development life cycle and provide continuous delivery. However, ensuring software quality and security in a high-velocity environment can be challenging. This is where parallel testing comes into play.
The Developer Relationship to Security
Moran dives into what her view is on Developers and the relationship they have with security today. As security gets more complex, the Developer's job today isn't easy and they are asked to do a lot more than they are used to.
CSO wish list for Developers
The four things the CSO of today's modern organization wishes their Developers did more of and how to do them.
WEBINAR MOMENT: Do Not Push This To Production
A fun moment from GitGuardian's Ethical Hacking Webinar with Snyk's Sonya Moisset. Sonya finds code that shouldn't have been pushed to production.
WEBINAR MOMENT: Trying a Directory Traversal Hack
A clip from GitGuardian's webinar on Ethical Hacking. Special guest, Snyk's Sonya Moisset, uses a directory traversal hack to get much deeper into the app's source code than should ever be allowed.
Turnover, Relationships, and Tools in Cybersecurity
Some things, like choosing tools, are perennial problems. Others, like complete security team turnover, seem to be a more recent development within my circles. But either way, staff turnover has ripple effects that are not always immediately apparent. Let’s take a look.
GitGuardian Infra as Code Security Analytics
Are you working toward better security for your infrastructure as Code deployments? GitGuardian can now help you track your progress! With the new Analytics view built into GitGuardian's Infra as Code Security, you can quickly understand the health of your IaC practice from one dashboard.