
DevOps

How to Keep Your Cloud Infrastructure Secure and Compliant

In a world of hyperscale public clouds, dynamically provisioned environments, distributed teams and remote work, how can you reliably secure access to your infrastructure and satisfy compliance requirements without slowing down your development teams? Gus Luxton discusses the essential elements of secure infrastructure access and how you can implement best practices in your environment. Speaker: Gus Luxton

Tame the snake: Snyk shines a spotlight on Python security

Today, 43% of all data breaches are directly linked to vulnerabilities found in applications. With the programming language Python reaching ever greater popularity in the developer space, Snyk has taken an in-depth look at security issues relating to the language and found that, "while 81% of the most popular Python packages are in a healthy state," roughly 20% of the security weaknesses identified by Snyk Code are related to Python projects.

PHP security in Snyk Code now GA

We recently announced our beta release for PHP support in Snyk Code, which brought with it the ability to identify potential PHP security vulnerabilities at the code level. After a successful public beta program, PHP security support in Snyk Code is now GA. 🎉🎉🎉 PHP is a popular programming language that is used by developers all over the world. In this blog post, we will take a look at some of the features of Snyk Code and how it can be used with PHP.

Unifying AWS IAM Access Across Multiple AWS Accounts and Products

AWS Identity and Access Management (IAM) is a keystone to accessing AWS accounts, but as companies grow, it can be difficult to understand and standardize, especially across many AWS accounts. To put some personality into the challenges of managing identity for multiple AWS resources and accounts, I’ll start with a short story about a fictional company that you might recognize as similar to the one you work in today! ACME Net is growing fast.

PWNKIT - What You Need to Know About It

We are still recovering from the aftereffects of Log4j, but there is already a new vulnerability around the corner. PWNKIT, reported by Qualys’ research team, is a major Linux polkit (previously known as PolicyKit) related vulnerability. Like Log4j, which is the logging utility of Java, polkit is a systemd SUID-root program that controls system-wide privileges in Unix-like operating systems.

Stranger Danger: Live hack of how a Log4Shell exploit works

The Log4Shell vulnerability took the Java community by surprise at the end of 2021, and many organizations are still mitigating its impact. To help development teams stay informed as the situation unfolds, Snyk has created and continues to update its Log4j vulnerability resource center.

Sysdig achieves AWS Security Competency

Sysdig today announced that it has achieved Amazon Web Services (AWS) Security Competency status. This crucial designation recognizes the value provided by the Sysdig Secure DevOps Platform to AWS customers to achieve their container and cloud security goals. As a key partner for the ecosystem, Sysdig collaborates closely with AWS and its customers to enhance the protection of cloud infrastructure and applications against continuously evolving security threats.