Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

DevOps

How do we solve a problem like Log4shell?

With the infamous Log4shell vulnerability widespread and no direct fixes available yet, what do we do? Our panel of Java champions discusses the immediate reality, the near-term solutions, and how the community can help itself and its members.

Speakers: Host - Randall Degges | Head of Developer Relations & Community at Snyk; Ana-Maria Mihalceanu | Developer Advocate at Red Hat; Martijn Verburg | Principal Engineering Group Manager (Java) at Microsoft

Securing Microservices-Based Apps with Dynamic Traffic Authz

Learn how to tightly control traffic flow to, from and between microservices with Styra Declarative Authorization Service (DAS) & Kong Mesh. When it comes to the digital transformation journey, teams are often faced with distributed software architectures in order to accelerate innovation and reduce costs. With Styra Declarative Authorization Service (DAS) now integrated with Kong Mesh, teams have the collaboration tools and visibility required to manage service mesh traffic via Open Policy Agent (OPA) at a global scale.

Six of My Favorite Styra Declarative Authorization Service Features

Open Policy Agent (OPA) allows developers to accelerate time to market and focus on their differentiated work, instead of spending their time figuring out how they are going to write bespoke authorization policies. With OPA handling authorization decisions across the stack, each service, app or platform API just has to handle enforcement of OPA decisions.

What has the Log4shell vulnerability taught us about application security?

A week ago, we had no idea what Log4shell was. Today, we have the global developer community coming together to keep itself safe from a vulnerability that ranks the highest in terms of risk. We need technical solutions, but what does it mean for the landscape of application security, and what have we learned from this situation?

Security in context: When is a CVE not a CVE?

At Snyk we have some general points of principle that we use to help guide our security thinking and decision making. Firstly, it is always important to understand from whom we are protecting, as it has implications for how we need to act. As an example of this, if our artefact is a web server, then we need to protect it against untrusted users, whilst if our artefact is encryption software, then we clearly need to protect it even from users with physical access to the system.

Log4Shell: What You Need to Know About the Log4j Vulnerability (APJ)

A new critical vulnerability, Log4Shell, was publicly disclosed on December 10th and is making global headlines. It impacts a wide range of applications on the internet, allowing attackers to remotely execute code within vulnerable applications worldwide. In this webinar recording, Snyk technical experts provide an in-depth technical review of the Log4Shell vulnerability, what caused it, how it can be exploited, and most importantly, how it can be mitigated through upgrades, or defended against in WAF configurations and more.

Automate Your Cloud Operations With Humio and Fylamynt

A new API integration for Humio and Fylamynt helps joint customers improve the efficiency of their cloud operations teams by automating repetitive and manual operations tasks. Fylamynt, a low-code platform that delivers a developer’s approach to ITOps with site reliability engineering (SRE), works with Humio to empower faster response times to critical operational issues, reduce human error and increase productivity so DevOps teams can focus on adding value through innovation.