Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

DevOps

CIS Controls v8.1: Everything You Need to Know

The Center for Internet Security (CIS) Controls are a prioritized set of Safeguards to mitigate the most common cyber-attacks against systems and networks. The SANS 20 Critical Security Controls, formerly known as the SANS Top 20, is now called the CIS Controls and has been reduced from 20 to 18 Controls since version 8.

Unshackling Productivity Access Control for Modern DevOps in Three Acts

Unshackling Productivity, Access Control for Modern DevOps in Three Acts - Engineers hate security processes that throw off their rhythm. As modern, ephemeral, and highly scalable infrastructure becomes the norm, your engineers feel the pain more acutely. They need fast, frequent, and secure access to the resources they need when they need it. This webinar explores the bottlenecks created by applying legacy access controls to modern infrastructure and illustrates three case studies of how real-world companies broke through the access barriers to make their engineers happier and more productive.

EU Digital Operational Resilience Act (DORA): Are You Ready?

The Digital Operational Resilience Act (DORA) is a disruptive policy that came into effect in January 2025 with the objective to boost the cyber resilience of financial institutions in the European Union. As digital transformation increases, it is crucial to ensure the availability, integrity, and confidentiality of critical IT systems to sustain financial market trustworthiness and stability.

Teleport 17: A Game-Changer in Scalable, Secure, and Resilient Infrastructure Access

The explosive growth of computing infrastructure has ushered in a new era of complexity for engineering, infrastructure, and security teams. Managing access, identities, and policies across thousands—or even tens of thousands—of resources such as physical servers, multi-cloud platforms, and web apps is no small feat in itself.

Teleport 17

Teleport 17 marks our final major release of the year, bringing significant enhancements to our platform. In the six months since Teleport 16, we've not only developed this major release but also introduced several valuable features through minor and patch updates. A core theme for this release is scalable, secure, and resilient infrastructure access. This starts with our expanded focus on AWS Access. Teleport 17 includes preview support for AWS IAM Identity Center.

Yahoo's AppSec Journey: Scaling Security with Mend.io

Join Chris Madden, Distinguished Technical Security Engineer at Yahoo, as he shares how Yahoo scaled its application security program with Mend.io. In this insightful video, Chris details the challenges Yahoo faced in managing open source security and compliance risks, and how Mend.io's AppSec platform helped them: Discover how Mend.io enabled Yahoo to address critical vulnerabilities like Log4Shell, codify security policies, and achieve quantifiable benefits across their organization. If you're looking to improve your AppSec posture, especially at enterprise scale, this video is a must-watch!

CVSS 3.1 vs CVSS 4.0: A Look at the Data

Like the cost of groceries and everything else, CVSS scores seem to have experienced some inflation recently. CVSS 4.0 promises to be a better calculator of risk than previous iterations of the system, but that’s only true if you use it in its full capacity to calculate your specific risk within your specific environment. Most of us aren’t using it that way.