Security | Threat Detection | Cyberattacks | DevSecOps | Compliance
The Latest Cybersecurity News & Insights From Around The World
Workload Identity Meets Supply Chain Security: Teleport's Sigstore Integration
It’s no secret that the software development life cycle is becoming more complex. With a plethora of libraries, frameworks, and now AI coding agents and assistants, we can build far more ambitious software in a fraction of the time. This is fantastic! But with it come greater opportunities for accidental or malicious security bugs and vulnerabilities to sneak in undetected, with potentially devastating consequences for your users and their trust in your company.
Best SAST Tools: Top 10 Solutions Compared
SAST tools automatically scan the source code of an application. The goal is to identify vulnerabilities before deployment. SAST tools perform white-box testing, which involves analyzing the code based on inside knowledge of the application. SAST offers granularity in detecting vulnerabilities, providing an assessment down to the line of code.
Your Infrastructure Has a Non-Human Trust Problem
Modern infrastructure is increasingly run by automated systems, not people. Bots push code. Runners deploy to prod. Agents orchestrate cloud resources. And increasingly, AI models trigger actions directly through prompt-driven automation. Welcome to the era of non-human identities (NHIs): the invisible workforce operating behind modern digital systems.
Pen Testing: The "Aha" Moment That Changed Everything! #cybersecurity
Mend.io, formerly known as Whitesource, has over a decade of experience helping global organizations build world-class AppSec programs that reduce risk and accelerate development -– using tools built into the technologies that software and security teams already love. Our automated technology protects organizations from supply chain and malicious package attacks, vulnerabilities in open source and custom code, and open-source license risks.
Security Benchmarking Authorization Policy Engines: Rego, Cedar, OpenFGA & Teleport ACD
Back in 2024, Amazon Web Services (AWS) engaged Trail of Bits (ToB) to perform a comparative assessment between several authorization and access management policy languages. If you're unfamiliar with the concept of a policy engine, it's essentially a fully-featured engine that offloads authorization decisions in an application.
How to Backup Kubernetes Clusters with Terraform and CloudCasa | Step-by-Step Demo
In this demo, Martin Phan, Field CTO at CloudCasa, shows you how to automate the deployment of CloudCasa resources using our official Terraform provider. Learn how to register Kubernetes clusters, set up backup jobs and policies, and define object storage destinations — all through infrastructure as code. What you'll learn.
How to Easily Backup and Restore SUSE Virtualization VMs (Updated Tutorial)
In this updated tutorial, Martin Phan, Field CTO at CloudCasa, walks you through how to easily back up and restore virtual machines in SUSE Virtualization (formerly Harvester). You'll see how to register your SUSE cluster with CloudCasa, protect containerized VMs, and perform a full VM restore — including the ability to restore to a different namespace with options to power off the VM and apply additional restore transformations.
How to Set Up the CloudCasa Agent Spectro Cloud Pack for Kubernetes Backup
Spectro Cloud Palette is an enterprise-grade Kubernetes management platform that simplifies the deployment and lifecycle management of clusters across data center, cloud, and edge environments. Designed around a declarative model, Spectro Cloud Palette enables users to define full-stack cluster profiles—including the operating system, Kubernetes version, and curated integrations—all governed by policy.