DevSecOps

What is the DevSecOps Maturity Model (DSOMM)?

Feb 15, 2024 By Eyal Katz In Spectral

High-velocity software development today is close to impossible (and most certainly not sustainable) without DevOps. The migration to the public cloud, along with increasing regulatory demands, and other factors made application and code security as vital as DevOps. Thus were born the practices and frameworks of DevSecOps. The value of DevSecOps is evident and clearly understood by technologists.

Read Post

Spectral

Read more about What is the DevSecOps Maturity Model (DSOMM)?

DevSecOps best practices

Feb 13, 2024 By Steven Zimmerman In Synopsys

There is a need for a new approach to AppSec—one that handles business risk without obstructing company growth, eliminates the tradeoff between speed and security, and fulfills the DevSecOps promise. Here are four DevSecOps best practices to help your organization realize this vision with an efficient, effective DevSecOps strategy.

Read Post

Synopsys

Read more about DevSecOps best practices

7 DevSecOps Principals Every Developer Must Know

Feb 7, 2024 By Eyal Katz In Spectral

DevSecOps – for many, it feels like a magical black box where code and sensitive digital assets go in one end, and a working piece of software comes out the other. Security practices within the development and operational phases can often get lost. Organizations that haven’t adopted DevSecOps see half of their apps at risk of attacks, while those with a DevSecOps-first approach have only 22% at risk. That’s why the core principles of DevSecOps are important.

Read Post

Spectral

Read more about 7 DevSecOps Principals Every Developer Must Know

Creating DataTrails for Supply Chain Artifacts

Feb 7, 2024 By Steve Lasker In DataTrails

In a world where software is produced, distributed, and re-distributed, how do you ensure the software you consume is authentic and safe for your environment? How do you know the software you deployed yesterday is safe today? Most software exploits are discovered after the software has been deployed, which raises the question: It’s not just about getting software updates, as the majority of exploits are distributed as updates. Staying updated isn’t the most secure.

Read Post

DataTrails

Read more about Creating DataTrails for Supply Chain Artifacts

Customize your Access Policies with DataTrails

Feb 1, 2024 By DataTrails Team In DataTrails

Signing up with DataTrails comes with the ability to share your audit trails with your business partners, other applications, and your internal team. Access policies control users, apps & organizations’ read & write privileges to provenance data in DataTrails. If you’re using an integration, access policies offer a way to fine-tune these integrations, giving specific permissions to add to and read your records.

Read Post

DataTrails

Read more about Customize your Access Policies with DataTrails

DevSecOps Security Best Practices

Feb 1, 2024 By JFrog In JFrog

Carmine Acanfora, Solutions Architect at JFrog in the EMEA region, leads this security best practices webinar. In this webinar, we discuss the advanced features of the JFrog Advanced Security solution, now available in self-hosted mode. We will take the time to address your questions, particularly on topics crucial for all developers, such as: Don't miss this opportunity to explore JFrog's latest security solution and learn how to accelerate and secure your software supply chain with the first DevOps-oriented security solution on the market.

View Video

JFrog

Read more about DevSecOps Security Best Practices

What is Data Provenance?

Jan 30, 2024 By Will Cumpston In DataTrails

Data provenance is a technology field that aims to help businesses increase trust through transparency of data, specifically by tracking the origin, change, and history of data and making it verifiable. Recently, the benefits of data provenance have become more important than ever. With the emergence of generative AI, all it takes are a few button clicks for anyone to create or manipulate data and convince others that fake data is trustworthy and real.

Read Post

DataTrails

Read more about What is Data Provenance?

The DevSecOps Hangout

Jan 30, 2024 By JFrog In JFrog

Curious to see what all the AI/ML hype is about? Watch our DevSecOps Hangout and hear how ML Model management benefits organizations by providing a single place to manage ALL software binaries, bringing DevOps best practices to ML development, and allowing organizations to ensure the integrity and security of ML models – all while leveraging an existing solution they already have in place. Watch our expert educational talks and panel discussion with our Technology Partner Qwak on MLOps, DevSecOps, AI, and Machine Learning.

View Video

JFrog

Read more about The DevSecOps Hangout

How Transparency Can Stop Invoice Fraud

Jan 24, 2024 By Will Cumpston In DataTrails

The average cost of invoice fraud to middle-market businesses is almost $280,000 per year. Invoice fraud affects businesses of all sizes, and the levels of fraud have increased in part because it’s not possible to authenticate all invoices that come in manually, with many businesses paying out invoices without authentication if they’re under a certain amount. Today’s information security rules and regulations can’t keep up.

Read Post

DataTrails

Read more about How Transparency Can Stop Invoice Fraud

Essential Cloud Security Tools for Effective DevSecOps

Jan 22, 2024 By Natalie Tischler In Veracode

Implementation of a DevSecOps approach is the most impactful key factor in the total cost of a data breach. Successful DevSecOps in a cloud-native world is aided by the right tools. Here are a handful of the most essential cloud security tools and what to look for in them to aid DevSecOps.

Read Post