Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

In this webcast, SANS certified instructor Matt Bromiley will explore the concept of zero trust and what it means to security teams and your overall security posture. As a concept, zero trust is relatively straightforward: Trust no one until verified, inside or outside the network. However, this is often easier said than done, especially for systems built on legacy authentication models. Matt will also examine what a zero trust implementation looks like, how this can stop adversaries dead in their tracks, and what your organization can do to begin moving toward a state of zero trust.

Denis Rosa, Developer Advocate Manager at Couchbase, talks about the challenge of external dependencies with continuous integration and delivery

Tools to package your applications and services into container images are abound. They’re easier to use and integrate into your CI/CD pipelines now more than ever. We can appreciate these advancements in the form of time savings and decreasing complexity when deploying to a cloud native environment, but we cannot completely ignore the details involved in these technologies. It’s tempting to take simplicity for granted, but sometimes we do this at the expense of keeping our software safe and secure!

Grab a cup of coffee and join Ryan Kovar, Mick Baccio, and Audra Streetman for another episode of Coffee Talk with SURGe. The team from Splunk will discuss the latest security news including: Mick and Ryan competed in a 60 second charity challenge to explain why they think password managers are still your best option for password security. The team also discussed data privacy after the FTC announced it is suing a data broker for selling geolocation data. Meanwhile, the FCC is launching an investigation into mobile carriers' geolocation data practices.

Visibility into your business applications is critical for delivering on business outcomes quickly. However, it must be accomplished while keeping your network security intact. Taking an application-centric approach can guarantee this.

- Machine Learning, AI & Cyber Security Part 2: Malicious Actors Welcome to a new episode of the Razorwire Podcast! Welcome to part two of our episode on Machine Learning, AI and Cyber Security. In part one, we discussed what it will be like for us as security professionals when we have access to AI tools, what we are doing with them now and how we could use them in future. In part two, we are re-joined by our guests Oliver Rochford of Securonix and Jonathan Care, a mentor of mine who specialises in cyber security and fraud detection.

Snyk helps software-driven businesses develop fast and stay secure. Continuously find and fix vulnerabilities for npm, Maven, NuGet, RubyGems, PyPI and more.

During this live stream we had a conversation with Zbyszek Tenerowicz (ZB) where he discuss how we can be susceptible to malicious packages as developers. Didn't catch the live stream? Ask all of your Snyk questions, and we’ll do our very best to answer them in the comment section. Snyk helps software-driven businesses develop fast and stay secure. Continuously find and fix vulnerabilities for npm, Maven, NuGet, RubyGems, PyPI and more.

GitHub Security Alerts! Support for Yarn 2... Frogbot scans every pull request created for security vulnerabilities with JFrog Xray and in version 2.3.2 it even opens pull requests for upgrading vulnerable dependencies to a version with a fix! With Frogbot installed, you can make sure that new pull requests don’t add new security vulnerabilities to your code base alongside them. If they do, the creator of the pull request has the opportunity to change the code before it is merged.