DevOps

Detect infrastructure drift and unmanaged resources with Snyk IaC

As a developer, you’re probably using some infrastructure cloud provider. And chances are, you automate parts of your infrastructure using infrastructure as code (IaC), so deployments are repeatable, consistent, easily deployable, and overall, more secure because code makes parameters more visible.

Password Policy - is "Not Defined" the same as "Disabled"

A password policy defines the password strength rules that determine whether a newly set password is valid. A password must comply with these rules to be set for an account. In short, a password policy is a procedure that encourages users to set strong passwords, or at least to use passwords that comply with the company’s group policy objectives. You have the option of specifying the below-mentioned standards and rules for a password.

SBOMs Are Only Truly Useful if They're Dynamic

The software bill of materials (SBOM) is being widely touted as a way to ensure the security and integrity of software products. This is an accurate assessment, but not all SBOMs are created equal. Specifically, those that are dynamic are far more useful and effective than those that are not. In fact, SBOMs that are not dynamic—able to easily and automatically account for the constant change swirling around the software landscape—are of minimal use.

How to Secure Amazon RDS Access With an Identity-Aware Access Proxy

Databases are sensitive resources that need an additional layer of protection and security. Though database servers have built-in authentication and authorization mechanisms, they are not designed for cloud-based, multi-tenant access mechanisms. Managed databases such as Amazon RDS are accessed and administered by different personas with varying levels of access permissions.

Snyk brings infrastructure as code security to HashiCorp Terraform Cloud

In our mission to make Terraform Cloud workflows more streamlined and secure, we’re excited to announce our new native integration into HashiCorp Terraform Cloud. This integration embeds the security expertise and developer-friendly fixes of Snyk Infrastructure as Code (Snyk IaC) directly into Terraform Cloud, making the Terraform Cloud workflow one of the safest ways to provision and manage public cloud infrastructure.

Teleport Raises $110 Million Series C at $1.1 Billion Valuation

I have news to share. Teleport has just secured $110M in Series C funding to keep growing the business that I started with my co-founders Sasha Klizhentas and Taylor Wakefield in 2015. This is exciting for founders and employees, but I think it is also excellent news for all software engineers who are crying out for a better way to manage secure access to their mission-critical cloud infrastructure. More on that below.

Top 5 Tips for a Secure Password

As the world's data continues to grow at an exponential rate year after year, cybercriminals have come up with highly complicated ways to get access to your personal information. They use everything from simple password hacks to malware attacks and even phishing scams. This means that if you wish to stay alert to all types of potential attacks, selecting a good, strong password is an important aspect to consider.

SSH configuration: ssh_config

This blog post covers some of my favorite settings for configuring the behavior of an SSH client (i.e. what is in the man pages for ssh_config). Whether you are looking to add some additional security constraints, minimize failures, or prevent carpal tunnel, ssh_config is an often underutilized, yet powerful tool. While the examples in this article focus on SSH configurations on Unix-based systems like Linux and macOS, running an SSH server on Windows is supported using OpenSSH.