Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

DevOps

Secure your infrastructure from code to cloud

Nov 2, 2021 By Snyk In Snyk
Infrastructure as Code enables you to take ownership of your cloud environments and define what your application needs in a programmatic way. It's appealing because it’s code; you can version it, you can automate testing it using pipelines and you can deploy it frequently on your own. However there is a catch. With this level of autonomy comes increased responsibility and the implicit requirement to have the relevant knowledge needed in order to design and configure secure infrastructure.
View Video

Haunted: Chrome's vision for post-Spectre web development

Nov 2, 2021 By Snyk In Snyk
Ahh, the web, an open platform where sites can communicate with each other, embed third-party content to unlock powerful features, make requests to arbitrary endpoints of other web applications... Well. Isolation was never a thing on the web, and this creates a number of security issues⏤but Spectre took this to the next level.
View Video

Enterprise Application Risk Profiling

Nov 2, 2021 By Snyk In Snyk
I will discuss digital transformation in the enterprise, how it impacts cloud native applications developed using agile methodologies and as a result, an oscillating application risk rating, which then triggers prioritized security-related activities by application security engineers.. Key topics will include: Creating a baseline application risk profile Dynamic characteristics of application risk factors Significant changes that trigger security reviews
View Video
Snyk

Accelerating the Snyk infrastructure as code vision with the addition of CloudSkiff

Oct 29, 2021 By Guy Podjarny In Snyk

We are thrilled to welcome the team at CloudSkiff to Snyk! Many of you may be more familiar with driftctl, the open source project started by the CloudSkiff team. I wanted to share with you why we’re excited about the addition of this fantastic group of people to Snyk, and our plans for the future of Snyk Infrastructure as Code (Snyk IaC), as well as our commitment to keeping driftctl open source.

Read Post

Sharpen your security skills with open source! Introduction to modern infrastructure access

Oct 29, 2021 By Teleport In Teleport
Secure access to complex computing environments is hard to get right. Introducing the open source identity-aware access proxy: Teleport. It is used by engineers at smart companies Nasdaq and Google, to easily access all to their computing resources — SSH servers, Kubernetes clusters, or databases. For security professionals, Teleport uses short-lived certificates, audit logs, and session recordings to make it easier to achieve high security standards and compliance.
View Video
mend

What You Need to Know About Code Risk Management

Oct 28, 2021 By Mike Allen In Mend

Risk management of code is an important and often overlooked development function that you need to pay attention to. You may think that this is not a developer’s problem, however developers should not write code that unduly adds to technical debt, hence the need to manage risk. The primary motivation for risk management is to prevent error or failure. Do not seek to eliminate failure, seek to minimise it, to manage the risk of failure.

Read Post
styra

Microservices Transformed DevOps - Why Security Is Next

Oct 28, 2021 By Tim Hinrichs In Styra

Microservices fundamentally changed the way we build modern applications. Before microservices, engineers had a small number of huge chunks of code that made up their application. Many apps were a single monolith of code, and some might have been broken out into a frontend, backend and database. So, when a team needed to update or patch their code, they had to do it slowly and with great care because any change to any part affected every other part of their app.

Read Post
Subscribe to DevOps

Copyright © 2024 OpsMatters™. All rights reserved.