Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Scanning a container image for vulnerabilities or misconfigurations on your GitLab CI/CD using Sysdig Secure is a straightforward process. This article demonstrates a step-by-step example of how to do it. The following proof of content showcased how to leverage the sysdig-cli-scanner with GitLab CI/CD. Although possible, this procedure is not officially supported by Sysdig, so we recommend checking the documentation to adapt these steps to your environment.

This is the first of a six-part blog series that highlights findings from a new Mend white paper, Five Principles of Modern Application Security Programs. Be sure to look out for our upcoming blogs on each of the five principles. The COVID-19 pandemic accelerated the digitalization plans for global organizations by three years, while the adoption rate for digitized products and services increased by seven years.

One of the most important features Teleport has to offer is that it centralizes all of your infrastructure’s audit logging into one central place, mapping every query, every command and every session to an individual user's identity. As you hire more engineers and resources scale, it can become increasingly difficult to manage all of this log data. Luckily Teleport’s extensibility makes this log data extremely easy to format, export and monitor all in a secure, event-driven way.

Security Assertion Markup Language 2.0, or more commonly known as SAML in the industry, is one of the most used protocols for single-sign-on on the modern web. It allows an application like Teleport to communicate with an upstream identity provider like Okta or Google Workspace to securely get trusted information about users when they log in, removing the need for sign-ups, log-ins and tying identities to people inside the application.