Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

teleport

How Gluu provides clients instant access to their Open-source platform using Teleport

Oct 3, 2022 By Nate Magee In Teleport

With Teleport, Gluu can provide its clients with near-instantaneous access to its open-source software, allowing them to get up and running in minutes. This is a huge benefit for organizations who need to quickly provision their tools in order to start using them. In the past, Gluu has documented many ways that it uses Teleport to provide Gluu clients a gateway for their tools.

Read Post
mend

Are You CODEfident?

Oct 3, 2022 By Arabella Hallawell In Mend

We’ve been watching the global transition to an app-driven world for some time now, as companies develop and deploy innovative software at warp speed. And we’ve also watched application security teams struggle to keep up. Many try to use yesterday’s tools for today’s AppSec reality, while others wrestle with immature application security programs. And that’s when we realized: modern application security programs are different. They run on CODEfidence. Let me explain.

Read Post
mend

Cybercriminals targeted users of packages with a total of 1.5 billion weekly downloads on npm

Oct 2, 2022 By Maciej Mensfeld In Mend

Another week, another supply chain incident. It’s been only nine days since the Mend research team detected the dYdX incident, and today we have detected another supply chain malicious campaign. On October 02, 2022 at 12:12 UTC, a new npm account was registered, and a package called nuiversalify was immediately uploaded. The same threat actor then proceeded to publish more typo/spellcheck squattings of popular packages until 14:03:29 UTC, with small but irregular time gaps between uploads.

Read Post
styra

How Styra DAS Entitlements Power Application Authorization

Sep 30, 2022 By Danny Baier In Styra

With the power of modern cloud computing, enterprises are building and updating applications quicker than ever. Expanding your business through the cloud is a fast-paced endeavor, which can be daunting to IAM teams more familiar with on-premises setups. While running applications on self-hosted infrastructure is still a best practice in some cases, businesses are finding it easier than ever to find and pounce on opportunities for growth by shifting to the cloud.

Read Post
Snyk

Snyk IaC for Terraform Enterprise: Expanding Snyk compatibility with HashiCorp Terraform

Sep 28, 2022 By Sarah Conway In Snyk

Even the most precise and regimented DevOps teams can be plagued by numerous post-deployment security issues, causing potentially damaging production delays and engineering rework. Building on Snyk’s successful acceleration of DevSecOps, Snyk IaC empowers developers to treat Terraform like any other form of code and proactively test IaC early as well as continuously monitor infrastructure post-deployment.

Read Post

Introduction to OWASP's Vulnerable Node.js Apps: Part 1 | Snyk

Sep 28, 2022 By Snyk In Snyk
Introduction to OWASP's Vulnerable Node.js Apps During this livestream we give an introduction to a vulnerable Node.js application created by the OWASP organization. We also show how some of the OWASP Top 10 security risks apply to web applications, and also how to mitigate these concerns. Didn't catch the live stream? Ask all of your Snyk questions and we’ll do our very best to answer them in the comment section.
View Video

Stranger Danger: Your Java Attack Surface Just Got Bigger

Sep 28, 2022 By Snyk In Snyk
Building Java applications today means that we take a step further from writing code. We use open-source dependencies, create a Dockerfile to deploy containers to the cloud, and orchestrate this infrastructure with Kubernetes. Welcome, you're a cloud native application developer! As developers, our responsibility broadened, and more software means more software security concerns for us to address.
View Video

Copyright © 2026 OpsMatters™. All rights reserved.