Security | Threat Detection | Cyberattacks | DevSecOps | Compliance


What it takes to do Cloud Detection & Response

A guest post by James Berthoty the founder of Latio Tech. The shift to cloud has meant an explosion in cloud security-related acronyms – so many that it can be difficult to know what you currently have versus what’s missing or available. First we bought CSPMs (Cloud Security Posture Management), then CWPPs (Cloud Workload Protection Platforms), then CNAPPs (Cloud Native Application Protection Platform), then CDRs (Cloud Detection Response), and now KDRs (Kubernetes Detection Response).

Understanding AI Package Hallucination: The latest dependency security threat

In this video, we explore AI package Hallucination. This threat is a result of AI generation tools hallucinating open-source packages or libraries that don't exist. In this video, we explore why this happens and show a demo of ChatGPT creating multiple packages that don't exist. We also explain why this is a prominent threat and how malicious hackers could harness this new vulnerability for evil. It is the next evolution of Typo Squatting.

Simplifying Identity Management: The Power of Identity Federation

Managing identities across multiple applications has become increasingly complex for businesses of all sizes. This complexity intensifies as organizations expand, underscoring the critical need for efficient identity management solutions. BoxyHQ's Identity Federation Proxy rises to this challenge by offering a robust solution that streamlines user identity management across all customer-facing applications, irrespective of their diverse configurations or Identity Provider (IdP) protocols.

How to choose the Best Node.js Docker Image

Today we walk through the best options for your Node.js Docker Image, how to avoid common pitfalls and mistakes, and the best ways to strengthen the security of your projects effectively. ⏲️ Chapters ⏲️ ⚒️ About Snyk ⚒️ Snyk helps you find and fix vulnerabilities in your code, open-source dependencies, containers, infrastructure-as-code, software pipelines, IDEs, and more! Move fast, stay secure.