Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

DevOps

Office Hours: Insights - Focus on Top RIsks

Sep 14, 2023 By Snyk In Snyk
We recently announced Insights, a unique capability providing organizations with code to cloud application intelligence that enables development and security teams to manage their application security posture more effectively by identifying, prioritizing, and fixing those issues posing the greater risk. Watch: What Insights is How to access Insights How to use Insights Watch if you are interested in using Insights, have started, or work as an engineer, developer, or in DevOps.
View Video
mend

Software Supply Chain Security: The Basics and Four Critical Best Practices

Sep 14, 2023 By AJ Starita In Mend

Modern enterprise software is typically composed of some custom code and an increasing amount of third-party components, both closed and open source. These third-party components themselves very often get some of their functionality from other third-party components. The totality of all of the vendors and repositories from which these components (and their dependencies) come make up a large part of the software supply chain.

Read Post

Navigating Chaos: JFrog Security Essentials and Advanced Security

Sep 13, 2023 By JFrog In JFrog
We examine fundamental shifts and changes to software development approaches and how we secure developers, the code they write, and the products they build. Learn how your development teams can prioritize critical vulnerable exposure (CVE) remediation, maintain granular, centralized, and complete control of the development process, and maintain a single source of truth from code to device.
View Video
mend

How Software Supply Chain Security Regulation Will Develop, and What Will It Look Like?

Sep 12, 2023 By Sam Quakenbush In Mend

The escalation of international legislative interest in regulating the software supply chain has led to an increasing likelihood that tools such as software bills of materials (SBOMs) and AppSec solutions will become essential for companies doing business in the public sector or in highly regulated industries. However, the process of building and enforcing effective regulations presents challenges as well.

Read Post
teleport

How we built a secure RDP client

Sep 8, 2023 By Zac Bergquist In Teleport

Today’s remote desktop protocol (RDP) clients don’t do enough to promote a strong security posture. They default to weak password-based authentication, leaving Windows infrastructure vulnerable to brute force attacks, and assume a direct connection to a well-known port is available. At Teleport we’re a bit bonkers about always trying to build the most secure solution, so we set out to do something different.

Read Post
mend

Why Legal Regulation Shifts Responsibility for Software Supply Chain Security to Vendors

Sep 7, 2023 By Sam Quakenbush In Mend

In the face of increasingly impactful malicious attacks, governments of leading economies have turned their attention to the software supply chain security. Regulations like the EU’s Digital Operational Resilience Act (DORA) for financial institutions and the Cyber Resilience Act (CRA) for software and hardware providers Australia’s 2023-2030 cybersecurity strategy, and the U.S.

Read Post
mend

Are You Protected from the 12 Most Exploited Vulnerabilities?

Sep 5, 2023 By Adam Murray In Mend

One of the most vital things to get right in application security is dependency management, and to achieve this, your suite of AppSec tools must be up to date. This means that your vulnerability scanning, detection, and remediation capabilities must be able to identify and address the newest and most exploited vulnerabilities. Do you know what these vulnerabilities are? Have you got them covered? With the help of some of the world’s leading cybersecurity authorities, you can be.

Read Post
CalCom

Open Source CyberSecurity Tools for Hardening

Sep 3, 2023 By John Gates In CalCom
Open-source cybersecurity tools offer a prime solution for independent security experts, emerging businesses, and even medium to large enterprises aiming to tailor their security framework. These tools serve as a foundational platform for fostering security advancements, integrating proprietary software code and security automation scripts.
Read Post

Copyright © 2024 OpsMatters™. All rights reserved.