Why Vulnerability Management is Foundational to Cybersecurity in Financial Services

The ability to manage vulnerabilities efficiently and strategically is critical for companies. The ongoing practice of identifying, classifying, prioritizing, and fixing software vulnerabilities should be a key component of the development process. If it’s not, teams might turn out applications that contain vulnerabilities with consequences ranging from mild annoyances to disastrous security breaches.

How to Become a Certified Kubernetes Administrator?

Without a doubt, Kubernetes is the most prominent container orchestration tool. And you’ve probably noticed that many positions available to IT professionals require Kubernetes experience. One way to gain or prove your Kubernetes knowledge is by becoming a Certified Kubernetes Administrator (CKA). This certification is issued by the Cloud Native Computing Foundation (CNCF) in collaboration with the Linux Foundation. They offer three Kubernetes-related certifications.

2022 Cloud-native Trends: Need for AuthZ and OPA Will Grow

It’s that time of year again — full of ugly sweaters, holiday cookies and technology predictions (cloud-native style)! Last year, we predicted that we’d see continued Kubernetes adoption, focus on DevSecOps in organizations and open source dominance. This year, we sat down with our co-founder and CTO, Tim Hinrichs, and our CEO, Bill Mann, to hear a few of their predictions for the open source and cloud-native authorization market.

Fireside Chat: Log4j and Injection Flaws

Join us for a fireside chat with Micah Silverman, Snyk's Director of DevSecOps Acceleration, and Vandana Verma, Security Relations Leader at Snyk, as we answer your #Log4Shell questions: What is it and how does it affect us? How do I find and fix the #Log4J vulnerability? What can other language ecosystems learn from this? We'll also talk about the OWASP Top 10 and injection flaws.

Introducing Teleport Access Plane for Linux and Windows Hosts

We are excited to welcome Windows hosts to the Teleport Access Plane. For the past 5 years we’ve helped refine our Access Plane for Linux hosts, providing short-lived certificate-based access, RBAC and developer-friendly access to resources. As we’ve rolled Teleport out to larger organizations, we found that people wanted the same convenience and security of Teleport but for Windows hosts.

3 Things We've Learned About Log4Shell in 48 Hours

The dust refuses to settle over the Apache Log4j2 vulnerability (CVE-2021-44228), commonly known as Log4Shell. Rezilion is closely monitoring the situation, and in this blog post we will provide relevant information and updates that have surfaced since Log4Shell took the IT world by storm. If you want a deeper understanding of the vulnerability itself, you can refer to our previous blog post on the topic.

Log4j Log4Shell Vulnerability: All You Need To Know

On December 9, 2021, a researcher from the Alibaba Cloud Security Team dropped a zero-day remote code execution exploit on Twitter, targeting the extremely popular log4j logging framework for Java. Since then, the trivially exploitable (weaponized PoCs are available publicly) and extremely popular library has reportedly been massively exploited and has received wide coverage in the media and on social networks.