DevSecOps

It's Time to Get Hip to the SBOM

Aug 24, 2021 By Bill Manning In JFrog

The DevOps, IT security and IT governance communities will remember 2021 as the year when the Software Bill of Materials , or SBOM, graduated from a “nice to have” to a “must have.” Around for years, the SBOM has now become a critical DevSecOps piece, which everyone must thoroughly understand and incorporate into their SDLC (Software Development Lifecycle).

Read Post

JFrog

Read more about It's Time to Get Hip to the SBOM

Elastic and build.security: Shifting left together to secure the cloud

Aug 23, 2021 By Ashutosh Kulkarni In Elastic

Since its inception, Elastic Security has had a clear mission: to protect the world's data and systems from attack. We started with SIEM, built on top of the Elastic Stack, applying its fast and scalable search capabilities to detect security vulnerabilities across all threat vectors. Next, we joined forces with Endgame to integrate endpoint security into Elastic Security, and allow customers to prevent, detect, and respond to attacks from a single, unified platform.

Read Post

Elastic

Read more about Elastic and build.security: Shifting left together to secure the cloud

Defending against the cyber pandemic demands holistic security and intelligent DevSecOps

Aug 23, 2021 By Anna Chiang In Synopsys

Learn how Synopsys AppSec tools and services can help your organization deliver a holistic security approach to address rising cyber threats. Not only has the number of cyber attacks increased dramatically in 2020, but the ingenuity and scale of the attacks has also jumped way off the charts. The SolarWinds attack was “the largest and most sophisticated attack the world has ever seen” with the number of software engineers working on these attacks estimated to be over 1,000.

Read Post

Synopsys

Read more about Defending against the cyber pandemic demands holistic security and intelligent DevSecOps

Veracode Software Composition Analysis Cited as a Strong Performer by an Independent Research Firm

Aug 19, 2021 By Veracode In Veracode

Veracode, the largest global provider of application security testing (AST) solutions, has been recognized as a Strong Performer in The Forrester WaveTM: Software Composition Analysis, Q3 2021 by Forrester Research, a leading global research and advisory firm.

Read Post

Veracode

Read more about Veracode Software Composition Analysis Cited as a Strong Performer by an Independent Research Firm

GitHub DLP Webinar - Best Practices for Securing Codebases (Part 4)

Jul 19, 2021 By Nightfall In Nightfall

In this segment from one of our previous webinars on GitHub data loss prevention, Nightfall AI CTO and co-founder Rohan Sathe shares 8 critical best practices that developers and security engineers must keep top of mind in order to protect secrets in codebases and maintain good DevSecOps.

View Video

Nightfall

Read more about GitHub DLP Webinar - Best Practices for Securing Codebases (Part 4)

How to Establish a Culture of Secure DevOps

Jul 16, 2021 By Chris Kranz In Sysdig

We’re constantly told to “Shift Left” and that Secure DevOps is the only way to have confidence in your cloud native applications. But speaking to end-users and industry colleagues, it’s clear that there are some major challenges in adopting Secure DevOps. If we read our history books, we know that DevOps wasn’t successfully adopted by buying tools, and a true cultural movement towards DevOps wasn’t established by having a small dedicated team of DevOps specialists.

Read Post

Sysdig

Read more about How to Establish a Culture of Secure DevOps

Resilience, DevSecOps, and other key takeaways from RSAC 2021

Jul 15, 2021 By Huxley Barbee In Datadog

For the first time in its 30-year history, the 2021 RSA Conference was a virtual-only event, and not in its usual time during the spring. But, with 20,000 registrants joining for the various sessions, it was a testament to this year’s conference theme of resilience.

Read Post

Datadog

Read more about Resilience, DevSecOps, and other key takeaways from RSAC 2021

Measure your DevSecOps maturity with Datadog's self-assessment

Jul 13, 2021 By Andrew Krug In Datadog

With DevOps teams moving at ever greater speed, it’s vital for security teams to be deeply involved at all stages of the software development and delivery lifecycle. Breaking down silos between development, operations, and security teams ensures that security considerations are not overlooked, that vulnerabilities are caught early, and that security checkpoints do not slow down the delivery process.

Read Post

Datadog

Read more about Measure your DevSecOps maturity with Datadog's self-assessment

JFrog And Red Hat DevSecOps Security Series

Jul 6, 2021 By JFrog In JFrog

Accurately detecting and mitigating security vulnerabilities is critical for any enterprise. JFrog’s ongoing collaboration with Red Hat provides the DevOps community with enterprise-grade DevSecOps capabilities, enabling you to deliver high-quality, and more secure software, anywhere. As part of the Red Hat DevSecOps Security Series, Join us on July 1st for JFrog & Red Hat’s perspective on application analysis and how JFrog’s recently achieved Vulnerability Scanner Certification helps identify vulnerabilities in applications, images and configurations early in your lifecycle.

View Video

JFrog

Read more about JFrog And Red Hat DevSecOps Security Series

DevSecOps is a practice. Make it visible

Jun 30, 2021 By JFrog In JFrog

Security should be embedded in DevOps by default, but for many organizations, it is not. Enter “DevSecOps”. What is DevSecOps? It is a practice to build more secure applications, secure the software factory, and secure cloud workloads. Because it is a practice it needs to be visible. In this session hear about the ways tech-enabled enterprises approach a DevSecOps practice, how they make it visible, and how Splunk + JFrog can accelerate your journey.

View Video