Technology

APIDays: Data Privacy in the age of cloud-native applications

Jan 3, 2022 By Guillaume Montard In Bearer

APIDays is a world series of conferences about—you guessed it—APIs. It made a lot of sense for us to attend it in past years, since we started Bearer as an API monitoring platform. As we pivoted to a data security product a year ago, we wondered if we still had something to contribute. That was until we learned that APIDays would host the Privacy Engineer Conference.

Read Post

Bearer

Read more about APIDays: Data Privacy in the age of cloud-native applications

AWS Pentest Beginners Guide - Tools and Techniques

Dec 29, 2021 By Cyphere In Cyphere

AWS Penetration Testing Guide This video is an informational video about the pentesting service we offer at Security Audit. Here you will learn how our pentesting team can help you with AWS penetration testing and what it entails. Cyphere is a UK-based cyber security services provider helping organisations to secure their most prized assets. We provide technical risk assessment (pen testing/ethical hacking) and managed security services. This advice is a true third party opinion, free from any vendor inclinations or reselling objectives.

View Video

Cyphere

Read more about AWS Pentest Beginners Guide - Tools and Techniques

Will Zero Trust Shape the Future of Cloud Security?

Dec 29, 2021 By Tripwire Guest Authors In Tripwire

Zero trust is everywhere, and it will change the way we undertake security. Just as zero trust concepts are shaping the data center and our networks, they will shape cloud environments, as well. Many of the challenges of cloud security arose because we moved workloads to the cloud with no clear idea of how to secure them. Zero trust provides exactly those ideas.

Read Post

Tripwire

Read more about Will Zero Trust Shape the Future of Cloud Security?

Log4j Detection with JFrog OSS Scanning Tools

Dec 28, 2021 By Ilya Khivrich In JFrog

The discovery of the Log4Shell vulnerability in the ubiquitous Apache Log4j package is a singular event in terms of both its impact and severity. Over 1 million attack attempts exploiting the Log4Shell vulnerability were detected within days after it was exposed, and it may take years before we see its full impact.

Read Post

JFrog

Read more about Log4j Detection with JFrog OSS Scanning Tools

Netskope Advanced Analytics Simplify Risk Management Across Roles (Part 2)

Dec 28, 2021 By James Christiansen In Netskope

The following is the second part of a two-part series describing several critical use cases where Advanced Analytics can help teams make the right decisions to strengthen their overall posture and effectively manage risk.

Read Post

Netskope

Read more about Netskope Advanced Analytics Simplify Risk Management Across Roles (Part 2)

It takes a community: Responding to open source criticism post-Log4Shell

Dec 23, 2021 By Randall Degges In Snyk

The last week has been a wild ride for just about everyone in the technology world due to the public disclosure of the Log4Shell vulnerability. As a developer security company, Snyk has built our business around proactive automation to identify and fix security issues in applications. To say we’ve been busy this week would be an understatement.

Read Post

Snyk

Read more about It takes a community: Responding to open source criticism post-Log4Shell

How Black Duck Addresses the Log4j Zero-Day Open Source Vulnerability

Dec 23, 2021 By Synopsys In Synopsys

Synopsys experts will demonstrate how to use Black Duck to quickly discover and remediate open source security vulnerabilities like Log4j. Black Duck Software Composition Analysis (SCA) not only helps you address open source risk, but enables you to stay ahead of the next zero-day open source vulnerability with robust scanning, detailed and actionable security information and continuous monitoring and alerting.

View Video

Synopsys

Read more about How Black Duck Addresses the Log4j Zero-Day Open Source Vulnerability

Review API Scanning Prescan Results

Dec 22, 2021 By Veracode In Veracode

In this video, you will learn how to review Dynamic Analysis prescan scan results for an API specification. After creating and submitting a Dynamic Analysis API specification scan, you can return to the list of Dynamic Analyses at any time to check for status updates and to view results. Please note, you must have the Creator, Reviewer, or Security Lead role to be able to view the results of a Dynamic Analysis, unless the results are linked to a Veracode application profile for which you have permission to view.

View Video

Veracode

Read more about Review API Scanning Prescan Results

Review API Scanning Results

Dec 22, 2021 By Veracode In Veracode

In this video, you will learn how to review Dynamic Analysis scan results for an API specification. After creating and submitting a Dynamic Analysis API specification scan, you can return to the list of Dynamic Analyses at any time to check for status updates and to view results. Please note, you must have the Creator, Reviewer, or Security Lead role to be able to view the results of a Dynamic Analysis, unless the results are linked to a Veracode application profile for which you have permission to view.

View Video

Veracode

Read more about Review API Scanning Results

Cloud Security Posture Management

Dec 22, 2021 By Arctic Wolf In Arctic Wolf

Arctic Wolf Cloud Security Posture Management security operations identify cloud resources at risk and provide guidance on hardening their posture, simplifying cloud security.

View Video