Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

DevOps

Kubernetes Security Compliance Frameworks

The challenge of administering security and maintaining compliance in a Kubernetes ecosystem is typically the same: an increasingly dynamic, ever-changing, ephemeral landscape. Changes can be rooted in new approaches to cyberattacks or changing regulations. Kubernetes security requires a complex and multifaceted approach since an effective strategy needs to.

What Risks Do You Run from Brandjacking, and How Do You Overcome Them?

Brandjacking refers to the malicious act of using a brand’s identity to deceive or defraud customers. It usually involves impersonating a reputable brand to gain unauthorized access to sensitive information or exploit the trust associated with the brand. Attackers often leverage the reputation of well-known brands using social engineering techniques, phishing emails, fake websites, and malicious packages in open source repositories.

Introducing JFrog Curation

JFrog Curation is an automated DevSecOps solution designed to thoroughly vet and block malicious open source or third-party software packages and their respective dependencies before they enter an organization’s software development environment. With JFrog Curation, enterprise companies can: Find out more about what's under the hood with JFrog Curation in this informative webinar.

Getting Started with Persistent Volumes

This is the first of our series on Velero – the open source Kubernetes backup and recovery tool. While it’s powerful and flexible, the initial setup can be daunting to a beginner. Persistent Volumes also require CSI configuration, which varies from provider to provider. In this webinar, we will present all the information you need to get started with Velero. We will walk through the following configuration accompanied by a live demonstration.

RCE vulnerability CVE-2023-36884

Microsoft has detected a phishing campaign carried out by the threat actor known as Storm-0978. The campaign specifically targeted defense and government entities in Europe and North America. It exploited CVE-2023-36884 through Word documents, enabling remote code execution. Notably, the attackers used lures associated with the Ukrainian World Congress before the vulnerability was disclosed to Microsoft.

IP Tagging Rules For GitGuardian Honeytoken Events

Anyone managing your GitGuardian workspace can set up IP tagging rules for honeytokens. Now when someone inside your network triggers a honeytoken, through testing or for any other reason, you will be able to easily tell whether it is a probable false alarm rather than a true code leak, or whether it comes from a completely unknown, new address that merits further investigation and action.

FYI: the dark side of ChatGPT is in your software supply chain

Let’s face it, the tech world is a whirlwind of constant evolution. AI is no longer just a fancy add-on; it’s shaking things up and becoming part and parcel of various industries, not least software development. One such tech marvel that’s stealthily carving out a significant role in our software supply chain is OpenAI’s impressive language model – ChatGPT.