Amid all the talk of shifting left, mingling the DevOps and Security tribes and how can we do code better, faster and with more quality a funny thing happened. Security vendors are developing security tools for devs and DevOps. The security team still pays for them, but they won't buy them without Dev and DevOps buy in. What does this mean for 2020? Will we see better "quality (codeword for security)" in our apps? What should security teams be doing to make this happen? What should Devs and DevOps teams do to adopt these new developer-friendly tools? Is 2020 the year DevSecOps makes a difference?

Gone are the days where open source components were only used by individual developers, start-ups or small corporations. Today, even the biggest corporate giants have realized the numerous benefits open source usage brings, thereby openly embracing this as part of their software to help them focus their efforts and push more code out of the door faster.

The push to the cloud has introduced a previously unknown level of agility to many organizations, but sometimes at the expense of data security. Human error often is the cause of cloud security blunders, putting sensitive data at risk and causing real damage to companies in terms of financial liability and loss of reputation. This webinar discusses some of the more overlooked aspects of cloud security and offers up some best practices for ensuring data in the cloud is truly secure.

The Payment Card Industry (PCI) Security Standards Council recently released a new security framework to replace the previous standard (PCI PA-DSS). The new framework is set to better address the changes that the software development industry has seen in the past few years. Agile and DevOps methodologies, cloud and containerized environments and widespread open source usage have become the new normal and with this, present new AppSec challenges. To ensure that users of payment apps remain safe, the new framework aims to lay a substantial value on continuous application security.

Open source software components play an important role by providing us with the building blocks of our products. However, even as we enjoy the benefits of open source components, they are not without their challenges, especially when it comes to security vulnerabilities.

Employees are continually expected to be continuously accessible and to interact in today's work environment. If the corporation approves, workers will be using their personal computers for work. Rather of overlooking the inevitable, companies should establish and enforce a BYOD policy that safeguards the company and combines profitability with protection.

Attend our webinar about PCI compliance in containers & Kubernetes: Download our PCI Guide: More info in our blog: Many of your applications are now starting to run on containers in the cloud. If your applications are at all dealing with credit card data, you may be wondering how to validate PCI compliance, a well known regulation for handling this data securely. PCI is also a must have requirement to check off before your code gets to production.

Malicious actors often use Domain Generation Algorithms (DGA) to exploit the DNS protocol and execute command-and-control (C & C) malware attacks. In this webinar, threat researchers Manoj Ajuhe and Chris Gong from Tigera’s Threat Detection Team will be sharing the latest insights into DGAs, the risks they present, along with best practices to speed detection and mitigation.

Remote work poses unique challenges for companies because employees are not physically working on-site, they're often relying on their own Wi-Fi networks and devices to access company data and infrastructure. To mitigate security risks, companies must implement clear and comprehensive data security policies and take proactive measures to ensure complete cybersecurity for their remote teams.