Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

2023 Security Prediction & Trends for DevOps: Smarter Protection with Data & Intelligence

Earlier this year, JFrog’s Security Research Team performed an in-depth analysis of the top 10 most prevalent vulnerabilities in 2022 and found that the severity ratings of most CVEs were surprisingly OVERRATED. In this on-demand webinar session, you will learn: Here we’ll discuss how organizations can make better decisions, get better processes and use better tools for their DevOps security initiatives in 2023.

Mend CLI

The Mend CLI tool is a great way to embed a Mend scan into any script, like adding it to your pipeline, because it runs and returns results directly in the command line. It can scan proprietary source code or open source libraries from the command line, and return known security vulnerabilities in the open source, or potential security issues in your proprietary code. This is an initial video overview of how to use the Mend CLI to scan your source code.

How to Install TLS/SSL Certificates in NetApp ONTAP

HTTPS is the standard method for internet communications that transmit sensitive data. The TLS protocol is the backbone of HTTPS, encrypting connections so transmitted information can’t be intercepted or modified. HTTPS should also be used with local web applications that transmit sensitive data. This includes NetApp servers, since external applications and users need to authenticate, authorize and transfer data with the NetApp ONTAP operating system.

Key Considerations for Building a Successful Cloud Security Program

I recently had the pleasure of participating in a great panel discussion at the San Diego Cyber Security Summit, entitled “Cloud Security — Leveraging Its Strengths and Overcoming Its Vulnerabilities,” alongside representatives from Palo Alto Networks, Gigamon, Sysdig, Lacework, Imperva, and Tufin.

Getting to Know Velero Backup and Important Velero Resources That You Can Utilise

Velero is an open source tool for backing up and restoring resources in a Kubernetes cluster, performing disaster recovery, and migrating resources and persistent volumes to another Kubernetes cluster. Velero backup helps many organizations protect data stored in persistent volumes and makes your entire Kubernetes cluster more resilient. Velero has been pulled over 50M times from DockerHub! It is the most popular data protection choice for the Kubernetes community.

What is Service-to-Service Authorization?

A microservice application comprises small autonomous services that communicate with each other through application programming interfaces (APIs) — as standalone services or via a service mesh. These API calls or requests raise security and compliance concerns if not appropriately secured through authentication and authorization checks. Service-to-service authorization is the process of determining what actions an authenticated service is allowed to perform based on pre-defined policies.

Mend SAST Administration - User Interface Walkthrough

Mend SAST is a SAST (Static Application Security Testing) solution for performing deep and extensive security analysis of application source code. Mend SAST is easy to use, requires almost no user input, and can be deployed during or after development with easy integration into a DevOps environment and CI/CD pipeline. The solution provides an excellent way to automate code inspection as an alternative to the demanding and time-consuming procedure of manual code reviews. Mend SAST supports all major languages and their frameworks, from Android Java to Xamarin C#.

Policy Lifecycle Management from VS Code and CLI with Styra Link

Many engineers like to stick to the IDE or the command line as they use those for their daily tasks instead of jumping into yet another SaaS web application. To improve the Styra DAS experience for them, we developed Styra Link, a tool that allows users to perform most of the tasks of the Styra DAS UI and manage OPA from the CLI or from VS Code. Styra DAS offers a fully integrated policy authoring and lifecycle management experience in a web-based UI.

Securely Deploy Kubernetes Clusters with Teleport Machine ID and GitHub Actions

Current approaches to managing machine identity for infrastructure like Kubernetes Clusters and CI/CD workflows rely on outdated security mechanisms like passwords, shared secrets, and other manual processes that are error-prone and increase the risk of breach.