Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

DevOps

The Imperative of API Security in DevOps

Consider a modern software application as a constellation of cities that dot the landscape. These cities are components such as databases, authentication services, business logic engines, and more. Requests travel between components carrying data just as citizens travel between cities carrying their belongings. The highways that connect the cities on this map are your APIs. Cities get the most attention, often receiving the security and protection they need.

How to Implement Scalable Access Controls with RBAC: Best Practices for Zero Trust Environments

In the arms race to secure environments, codifying permissions often becomes an afterthought in the wake of setting up a new access tool. I often speak with organizations that either don’t know who has permission to what, or have no permission definitions at all. I once onboarded an enterprise level digital communications company that was losing productivity trying to keep track of who had access to their Kubernetes resources.

Empowering Teams for Better Security: A Conversation with Jigar Shah - Secrets of AppSec Champions

Developing a Security Culture: In today's highly digital and interconnected world, cybersecurity isn't just an IT issue; it's everyone's responsibility. Creating a robust security culture within your organization involves integrating security awareness into your daily operations. Train your employees, provide adequate resources, and define clear roles and responsibilities for security champions and influencers.

Top open-source CSPM projects to secure your cloud infrastructure

As more organizations move their critical infrastructure to the cloud, ensuring security has become a top priority. This is where Cloud Security Posture Management (CSPM) comes in. CSPM solutions validate the configuration of cloud services from a security perspective, ensuring alignment with best practices and compliance frameworks such as CIS Benchmarks, PCI-DSS, NIST, and others.

Customize Your Team's Remediation Messages In ggshield

We are very proud to announce that you can now easily provide your own custom remediation messages in ggshield, the GitGuardian CLI. Earlier versions of ggshield offered the same general remediation advice to all users if a secret was detected when using git hooks for automated scanning.

Disable SSLv2: When older is not better

Secure Sockets Layer (SSL) is a technology that encrypts data sent between a user's browser and a website or application on a server. The purpose of SSL is to secure the information preventing eavesdropping and tampering. Originally released in 1995, SSLv2 is a protocol used to encrypt data sent over the internet, ensuring that the information remains private and secure.

Enhancing Edge Environment Data Protection with CloudCasa, AKS, and Azure Arc

As businesses continue to embrace the flexibility and scalability of cloud-native applications managed by Azure Kubernetes Service (AKS), ensuring robust data protection for them across diverse locations, including edge environments, becomes paramount. For organizations leveraging Kubernetes at the edge with Azure Arc, the need for a comprehensive and easily managed backup and disaster recovery solution is crucial.