Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

armo

Kubescape adds CIS benchmark, boosting security and compliance scanning

Oct 26, 2022 By Jonathan Kaftzan In ARMO
Kubescape can now automatically scan Kubernetes clusters against the Center for Internet Security (CIS) benchmark, identify compliance gaps, suggest remediations, and monitor for drifts. This feature was born as a direct response to requests we received from Kubescape’s community and we’re excited to launch it. In this version, Kubescape supports CIS Kubernetes V1.23. In the next releases CIS GKE, AKS, and EKS frameworks will be supported as well.
Read Post
Snyk

Snyk's new native integration with Bitbucket Cloud emphasizes dev-first security

Oct 25, 2022 By Sarah Conway In Snyk

Snyk is excited to announce a new, native integration with Atlassian Bitbucket Cloud. This new release improves Snyk’s functionality within Bitbucket Cloud, making installation faster, and easier to implement. Our Bitbucket integration is the first out-of-the-box embedded security experience within the Atlassian UI, enabling users to access high vulnerability counts and rich contextual information right from their native Bitbucket workflow.

Read Post

[Webinar] GitGuardian and TechStrong Present Tackling Secrets at the Enterprise Level

Oct 24, 2022 By GitGuardian In GitGuardian
As DevOps turns to multi-cloud, workload containerization, and infrastructure-as-code, securing and distributing secrets across teams and environments has become a complex undertaking. Left unmanaged, this leads to secrets sprawl; in other words, the exposure of credentials in source control servers, DevOps tools, and every component that makes up the software development life cycle (SDLC). With exposed secrets, attackers can easily access an organization’s critical resources. They can breach the perimeter to carry out attacks, hijack computing power, exfiltrate customer data and compromise the integrity of the software supply chain.
View Video
armo

How to validate Kubernetes YAML files?

Oct 20, 2022 By Bezalel In ARMO
Kubernetes has taken center stage in how we now manage our containerized applications. As a result, many conventions to define our Kubernetes apps exist, including structures such as YAML, JSON, INI, and more. This leaves us to consider what is the best strategy to follow for our applications. Additionally, we must then also ask how we can validate our application configurations depending on the path we’ve chosen in terms of file structure and especially security.
Read Post
Tines

Handle Terraform Cloud infrastructure requests automatically with Tines

Oct 20, 2022 By Shaun Finn In Tines

Tines is pleased to have joined the Terraform Cloud Run Tasks ecosystem. Tines helps DevOps teams better leverage the generally available Terraform Cloud run tasks pre-plan by enabling them to approve and record infrastructure requests from Terraform Cloud automatically.

Read Post
mend

Meticulous Prep and Planning-A Linchpin of Modern AppSec Programs

Oct 20, 2022 By Carol Hildebrand In Mend

This is the second of a six-part blog series that highlights findings from a new Mend white paper, Five Principles of Modern Application Security Programs. Be sure to look out for our upcoming blogs on each of the five principles. It’s no exaggeration to say that IT and application security teams from all organizations are facing a perfect storm.

Read Post

Copyright © 2026 OpsMatters™. All rights reserved.