%term

Leverage the HashiCorp Cloud Platform Vault with Tines

Nov 22, 2022 By Shaun Finn In Tines

Security teams often have key management systems that encrypt and securely hold their applications' credentials. Instead of entering these credentials into your automation Stories every time, you can leverage Tines to retrieve an application's credentials whenever you require them in a workflow. Tines continues to expand our partnership with HashiCorp and allows mutual users to connect with the HCP Vault by using the AppRole authentication method.

Read Post

Tines

Read more about Leverage the HashiCorp Cloud Platform Vault with Tines

Securing a Kubernetes Cluster | 5 Tips

Nov 22, 2022 By Teleport In Teleport

A default Kubernetes cluster isn't safe by default. You have secrets in plain text, open and unencrypted pod to pod communication, insecure access, and much more to tighten down. In this video, we'll discuss 5 strategies to better secure your Kubernetes cluster from the outset.

View Video

Teleport

Read more about Securing a Kubernetes Cluster | 5 Tips

Shifting Left with the Crowdstrike and AWS CI/CD Pipeline

Nov 22, 2022 By CrowdStrike In CrowdStrike

CI/CD combines the practices of continuous integration (CI) and Continuous Delivery (CD) to allow DevOps teams to deliver code updates frequently, reliably, and quickly. CI/CD emphasizes automation throughout the development lifecycle (Buid, Test, Deploy). By replacing the manual efforts of traditional development, code releases can happen more frequently, and with less bugs and security vulnerabilities. At CrowdStrike, we focus on integrating security into the CI/CD pipeline. As part of the functionality of CrowdStrike’s Falcon Cloud Workload Protection (CWP), customers have the ability to create verified image policies to ensure that only approved images are allowed to progress through the CI/CD pipeline and run in their hosts or Kubernetes clusters.

View Video

CrowdStrike

Read more about Shifting Left with the Crowdstrike and AWS CI/CD Pipeline

Project Pyrsia: Securing the OSS Supply Chain

Nov 22, 2022 By JFrog In JFrog

In this video, learn the mission of Project Pyrsia, how it aids in securing the #softwaresupplychain and why it matters—from project partners at JFrog, DeployHub, and Oracle!

View Video

JFrog

Read more about Project Pyrsia: Securing the OSS Supply Chain

Integrating Dependency Management Into Cloud Services: The Mend-AWS Partnership

Nov 22, 2022 By Adam Murray In Mend

The ongoing growth in the adoption of cloud services poses escalating opportunities and risks in equal measure. The increased capacity and scalability of cloud environment lends itself to an accelerated pace and higher volume of software and application development than ever before. This trend brings into play a huge increase in the number of software components and dependencies that developers use in their code bases.

Read Post

Mend

Read more about Integrating Dependency Management Into Cloud Services: The Mend-AWS Partnership

Announcing Mend SCA for Bitbucket Cloud Integration

Nov 21, 2022 By Jeanette Sherman In Mend

We’re proud to announce that Bitbucket Cloud users can now unlock the full power of Mend for automatic detection and remediation of open source risk. With the release of our new Bitbucket Cloud integration in the Atlassian Marketplace, Mend now makes it possible for developers to find and eliminate vulnerabilities, all while staying in their Bitbucket Cloud repositories.

Read Post

Mend

Read more about Announcing Mend SCA for Bitbucket Cloud Integration

2 million .git directories exposed! Why .git folders are sensitive & how they are leaked publicly

Nov 21, 2022 By GitGuardian In GitGuardian

In this video, we look through research by CyberNews and other independent researchers that exposes the huge problem of publicly accessible.git directories hosted on web servers. These folders contain all the metadata from a git repository including all the history, commit data and remote host information. These can contain lots of sensitive information that hackers can use to exploit your website and are often very sensitive. We look in detail at what.git directories are, what sensitive information they contain and how they become accidentally public.

View Video

GitGuardian

Read more about 2 million .git directories exposed! Why .git folders are sensitive & how they are leaked publicly

FuzzCon Europe - Automotive Edition 2022

Nov 18, 2022 By Code Intelligence In Code Intelligence

FuzzCon Automotive is an uprising application security testing conference, bringing together developers, DevOps Engineers, and security experts to make automotive software more reliable and secure. Stay tuned for details about the speakers, agenda, and more!

View Video

Code Intelligence

Read more about FuzzCon Europe - Automotive Edition 2022

TLS Routing Support for Teleport Behind an AWS Application Load Balancer

Nov 18, 2022 By Steve Huang In Teleport

In Teleport 8, we introduced the TLS Routing feature that can multiplex all client connections on a single TLS/SSL port. Recently we've added support for TLS Routing for Database Access when Teleport is deployed behind an AWS Application Load Balancer (ALB). In this article, we will take a deep look at the problem with Teleport behind an ALB and how we solved it.

Read Post

Teleport

Read more about TLS Routing Support for Teleport Behind an AWS Application Load Balancer

Modern Application Security Needs More Than Tech. Don't Neglect Governance

Nov 17, 2022 By Carol Hildebrand In Mend

This is the fifth of a six-part blog series that highlights findings from a new Mend white paper, Five Principles of Modern Application Security Programs. Be sure to look out for our upcoming blogs on each of the five principles. While IT and security professionals all generally agree that cyberattacks are on the rise, there remains a great deal of disparity in how they choose to prepare for those attacks.

Read Post

Mend

Read more about Modern Application Security Needs More Than Tech. Don't Neglect Governance

Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Leverage the HashiCorp Cloud Platform Vault with Tines

Securing a Kubernetes Cluster | 5 Tips

Shifting Left with the Crowdstrike and AWS CI/CD Pipeline

Project Pyrsia: Securing the OSS Supply Chain

Integrating Dependency Management Into Cloud Services: The Mend-AWS Partnership

Announcing Mend SCA for Bitbucket Cloud Integration

2 million .git directories exposed! Why .git folders are sensitive & how they are leaked publicly

FuzzCon Europe - Automotive Edition 2022

TLS Routing Support for Teleport Behind an AWS Application Load Balancer

Modern Application Security Needs More Than Tech. Don't Neglect Governance

Monthly Archive

Follow Us