ARMO adds CIS EKS benchmark
ARMO Platform has added the CIS EKS benchmark. Now, with Amazon Elastic Kubernetes Service (EKS) users can add this specific benchmark to the frameworks already available to them.
Security | Threat Detection | Cyberattacks | DevSecOps | Compliance
The Latest Cybersecurity News & Insights From Around The World
Technology
How To Setup Velero Backups On EKS Using IAM Roles for Service Accounts (IRSA)
Velero is an open-source tool that allows you to backup and restore your Kubernetes cluster resources and persistent volumes. Velero backups support a number of different storage providers including AWS S3. The process of setting up Velero backup with S3 using AWS credentials has been documented by Velero here. However, at the time of this post, there is no official documentation on how to set up Velero using IRSA or IAM Roles for Service Accounts.
The Cybersecurity Excellence Awards Trifecta - Earning Gold x3
It’s our own version of the triple crown! Salt Security has won gold in not one, not two, but three categories in the 2023 Cybersecurity Excellence Awards! It’s like being at the Oscars and winning Best Picture, Best Actor, and Best Director! Check out our award announcement! This year, Salt won highest honors for: Being recognized as the top solution for API security means a lot to our team.
How Protecting Your APIs Protects Your Bottom Line
Several big-name API breaches have been in the news over the past few years, but API attacks happen every single day and typically don't make the headlines. Securing your APIs is no longer a luxury, but it’s also not just a burden. This short video shares how protecting your APIs opens the door to real business value.
Android apps in the PlayStore are leaking their credentials and secrets
How many android applications on the play store are leaking their credentials and secrets! The answer comes from independent research conducted by Cybernews which shows nearly half of all applications on the Play Store are leaking secrets. Vincentas Baubonis, a security researcher from CyberNews joined GitGuardian on a Webinar to detail some research they conducted exploring how android applications are leaking secrets.
Account Takeover Vulnerability in Azure's API Management Developer Portal
How an Account Takeover vulnerability, discovered during a routine customer engagement, became a candidate for responsible disclosure, via the Microsoft Security Research Center Researcher Portal.
The State of Secrets Sprawl 2023
The report reveals an unprecedented number of hard-coded secrets in new GitHub commits over the year 2022. And much more.
Mend & AWS CodeCatalyst Integration
Are you using AWS CodeCatalyst? Mend can integrate with your source control and quickly detect open source artifacts and their known vulnerabilities and licensing risks. Mend also provides all the information you need to fix these artifacts automatically.
How to get started with Cloudflare R2
Say goodbye to egress fees with R2 from Cloudflare. R2 Object Storage is S3-compaitable and allows developers to store large amounts of unstructured data without the costly egress bandwidth fees associated with typical cloud storage services.
API Email Security Weaknesses
Overall, while API email security services can provide a valuable layer of protection against email-based threats, they are not foolproof and can have limitations and weaknesses. It is important to consider these weaknesses when selecting and configuring an API email security service.