Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

DevOps

Container Images - Code Source

Sep 25, 2023 By Mend In Mend
Mend for GitHub.com Code Source provides a streamlined and highly effective approach to tracing vulnerabilities back to their source code in repositories. Mend’s proprietary labeling achieves this by adding the source repository URL and the Dockerfile path to your Dockerfile using OCI annotations, saving you time in researching risks detected on your built container images.
View Video
teleport

Teleport 14

Sep 25, 2023 By Ben Arent In Teleport

Once again it’s time for everyone’s favorite announcement: a brand new Teleport release! This release marks version 14 of Teleport and is packed with features, including a UI makeover. Let’s dive in! Teleport 14 brings the following new major features and improvements: Below are a few highlights: In addition, this release includes several changes that affect existing functionality listed in the “Breaking changes” section below.

Read Post

The Next-Gen Software Supply Chain by Shlomi Ben Haim | CEO & Co-founder, JFrog

Sep 22, 2023 By JFrog In JFrog
The evolution from DevOps and CI/CD to cloud-native technologies, microservices architecture, security and governance - and now all the way to automation and Artificial Intelligence - requires a new generation of SSC management that aims to deliver software faster, with higher quality, enhanced security, and improved customer experiences. In this session, we’ll share insights from over 7,000 JFrog customers, and what the Fortune 100 list tells us about where the software supply chain is headed Next!
View Video

Incorporating Every Element - SSC as a Platform by Yoav Landman | CTO & Co-founder, JFrog

Sep 22, 2023 By JFrog In JFrog
Managing and securing the software supply chain end-to-end is one of the most difficult challenges facing DevOps and DevSecOps teams today. As developers continue to push all boundaries on the left and right side of the software release cycle, enterprise focus remains on binaries, and their movement through the pipeline automatically and securely. See how an integrated, consistent platform approach is the only way to solve next-gen supply chain challenges!
View Video
rezilion

Rezilion Researchers Uncover New Details on Severity of Google Chrome Zero-Day Vulnerability (CVE-2023-4863)

Sep 21, 2023 By Ofri Ouzan & Yotam Perkal In Rezilion

On September 11th, 2023 Google released an emergency security fix for a critical vulnerability discovered, identified as CVE-2023-4863 affecting the Google Chrome for Windows, macOS, and Linux. CVE-2023-4863 is a zero day heap buffer overflow vulnerability in Google Chrome’s WebP with a HIGH 8.8 CVSS score. The vulnerability allows a remote attacker to perform an out-of-bounds memory write via a crafted HTML page.

Read Post
styra

How to express OR in Rego

Sep 21, 2023 By Anders Eknert In Styra

One of the most common questions people new to Open Policy Agent (OPA) and Rego ask is about how to express logical “OR” in the language. While there is no “OR” operator, Rego has no shortage of ways to express that, with some being more obvious than others. In this blog, we’ll take a look at the most common ways to express OR, and weigh the virtues of each method against the others. Hopefully you’ll learn a few tricks along the way.

Read Post

Operationalizing DevSecOps Roundtable

Sep 20, 2023 By Mend In Mend
DevSecOps best practices are increasingly being adopted to better secure software supply chains. The challenge, though, is finding ways to operationalize these processes so they’re seamless and development and deployment don’t slow down. Join Shiri Arad Ivtsan, Senior Director of Product Management – Mend.io, in this editorial roundtable as these experts explore the challenges DevOps teams and developers face in operationalizing security into their workflows and processes, what’s taking so long to do so and how AI and automation can help.
View Video
Subscribe to DevOps

Copyright © 2023 OpsMatters™. All rights reserved.