DevOps

How to Boost Confidence in Your Open Source Security with Mend Smart Merge Control

Jun 20, 2023 By Jeanette Sherman In Mend

Modern applications are hugely dependent on open-source software. 80 percent of most organizations’ apps and code base is now open source, in some cases more. While this is great for swift development and innovation, it increases the possibility of vulnerabilities arising that bad actors can exploit, and it expands the potential attack surface.

Read Post

Mend

Read more about How to Boost Confidence in Your Open Source Security with Mend Smart Merge Control

Fortinet Discreetly Patches CVE-2023-27997, a Known Exploited Vulnerability

Jun 16, 2023 By Rezilion In Rezilion

According to Fortinet, 110 vulnerabilities affecting Fortinet software were announced since the beginning of 2023. On June 8th, security fixes were released in FortiOS firmware versions 6.0.17, 6.2.15, 6.4.13, 7.0.12, and 7.2.5. Interestingly, no specific reference to a CVE patch was provided, raising questions about the nature and extent of the new version release’s purpose.

Read Post

Rezilion

Read more about Fortinet Discreetly Patches CVE-2023-27997, a Known Exploited Vulnerability

From Code to Cloud: Enforcing Kubernetes and Terraform guardrails via Styra DAS

Jun 15, 2023 By Paul Foryt In Styra

Whether you use the 600+ Styra provided compliance rules or build your own, with Styra DAS, the same rules can now enforce compliance of your Kubernetes and Terraform infrastructure across all of the Code, Deploy, and Run phases.

Read Post

Styra

Read more about From Code to Cloud: Enforcing Kubernetes and Terraform guardrails via Styra DAS

The definitive guide to compliance with cloud-managed Kubernetes

Jun 15, 2023 By Henry Hernández In ARMO

Kubernetes has become a vital component in cloud-native infrastructure, enabling organizations to deploy and manage containerized applications at scale. However, compliance is crucial to modern infrastructure, especially for businesses that handle sensitive data. Organizations that adopt Kubernetes must thus also be sure to maintain the security of their infrastructure, as well as address compliance requirements to meet regulatory standards.

Read Post

ARMO

Read more about The definitive guide to compliance with cloud-managed Kubernetes

Introducing Compliance Score: simplifying compliance assessment

Jun 15, 2023 By Amit Ofry In ARMO

In today’s digital landscape, compliance with industry frameworks is vital for businesses, Kubernetes environments are no exception. That being said, Risk Score is an illusive term. It is inconsistent between scanners and is ultimately hard to explain to stakeholders. Introducing a meaningful Compliance Score, now available on ARMO Platform. The new Compliance Score offers a user-friendly method to assess compliance levels. It measures control-specific compliance and overall framework compliance.

Read Post

ARMO

Read more about Introducing Compliance Score: simplifying compliance assessment

Kubernetes compliance under GDPR

Jun 15, 2023 By Henry Hernández In ARMO

The General Data Protection Regulation (GDPR) is a data privacy and security regulation in the European Union (EU) that aims to protect individuals’ personal data collected and processed by businesses. The financial penalties for a company that is found to be non-compliant with GDPR can be significant: €20 million or 4% of its annual global revenues.

Read Post

ARMO

Read more about Kubernetes compliance under GDPR

Secure Remote Access with Secretless SSH Access

Jun 15, 2023 By Teleport In Teleport

Teleport's Infrastructure Access Platform is a highly adaptable solution that addresses various use cases. It enables secretless SSH access to any internet-connected device, making it ideal for solving compliance requirements and enhancing infrastructure access security. Watch this session as we explore Teleport as a secure secretless solution for accessing remote Linux infrastructure via SSH. In particular, we will focus on its application in providing remote support within client environments, a common need for Managed Service Providers (MSPs).

View Video

Teleport

Read more about Secure Remote Access with Secretless SSH Access

7 Best Practices for Modern AppSec Programs

Jun 15, 2023 By Adam Murray In Mend

Mend.io CEO Rami Sass, Jeff Martin, VP of product management, and CMO Arabella Hallawell recently sat down for a panel discussion on AppSec today. In this second of a two-part series, they get tactical, as they discuss seven best practices for building modern AppSec programs.

Read Post

Mend

Read more about 7 Best Practices for Modern AppSec Programs

Rezilion Launches Breakthrough Agentless Runtime Monitoring Solution for Vulnerability Management

Jun 14, 2023 By Rezilion In Rezilion

Rezilion announces the release of its Agentless Runtime Monitoring solution. This new capability allows user connection and access to Rezilion's full feature functionality across multiple cloud platforms. It enables security teams to monitor exploitable attack surfaces in runtime without using an agent to simultaneously minimize security and operational risk.

Read Post

Rezilion

Read more about Rezilion Launches Breakthrough Agentless Runtime Monitoring Solution for Vulnerability Management

How to Secure Your CI/CD Pipelines with GitGuardian Honeytokens

Jun 14, 2023 By Guest Expert In GitGuardian

Discover how honeytokens, digital decoys designed to detect unauthorized access, can strengthen the security of your CI/CD pipelines. In this guide, we offer step-by-step instructions for integrating them into popular pipelines like Jenkins, GitLab, and AWS CodePipeline.

Read Post

GitGuardian

Read more about How to Secure Your CI/CD Pipelines with GitGuardian Honeytokens

Subscribe to DevOps

Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

DevOps

How to Boost Confidence in Your Open Source Security with Mend Smart Merge Control

Fortinet Discreetly Patches CVE-2023-27997, a Known Exploited Vulnerability

From Code to Cloud: Enforcing Kubernetes and Terraform guardrails via Styra DAS

The definitive guide to compliance with cloud-managed Kubernetes

Introducing Compliance Score: simplifying compliance assessment

Kubernetes compliance under GDPR

Secure Remote Access with Secretless SSH Access

7 Best Practices for Modern AppSec Programs

Rezilion Launches Breakthrough Agentless Runtime Monitoring Solution for Vulnerability Management

How to Secure Your CI/CD Pipelines with GitGuardian Honeytokens

Monthly Archive

Follow Us