Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Stranger Danger: Your Java Attack Surface Just Got Bigger

Aug 24, 2022 By Snyk In Snyk
Building Java applications today means that we take a step further from writing code. We use open-source dependencies, create a Dockerfile to deploy containers to the cloud, and orchestrate this infrastructure with Kubernetes. Welcome, you're a cloud native application developer! As developers, our responsibility broadened, and more software means more software security concerns for us to address.
View Video
trustcloud

New Integrations Just Announced: CircleCI and Travis CI

Aug 23, 2022 By Tejas Ranade In TrustCloud

Since working on a spreadsheet, you and your team have come a long way. You’re enjoying the ease of working in TrustOps because it automates control mapping, test creation, and evidence workflows. However, you’re looking for ways to save a bit more time, so you can focus on your day job and growing list of priorities. Collecting evidence to validate compliance controls takes time and affects your team’s productivity, including HR, IT, and DevOps.

Read Post
armo

Kubernetes version 1.25 - everything you should know

Aug 22, 2022 By Amir Kaushansky In ARMO
Kubernetes' new version - version 1.25 - will be released on Tuesday 23rd August 2022, and it comes with 40 new enhancements in various areas and numerous bug fixes. This blog will focus on the highlighted changes from each special interest group (SIG) in the upcoming release and ensure you are confident before upgrading your clusters.
Read Post
armo

Code repository scanning & Container image registry scanning with Kubescape

Aug 20, 2022 By Jonathan Kaftzan In ARMO
New exciting Kubescape features have recently landed - Code repository scanning & Container image registry scanning! By enhancing Kubescape's security posture capabilities, you will be able to embed security even earlier in the SDLC (Software Development Lifecycle) and in a broader range of places in your CI/CD pipeline.
Read Post
mend

Mining Malware History for Clues on Malicious Package Innovation

Aug 18, 2022 By Daniel Elkabes In Mend

Malware has come a long way since it first made the scene in the late 1990s, with news of viruses infecting random personal computers worldwide. These days, of course, attackers have moved beyond these humble roots. Now they deploy a variety of innovative techniques to extract large amounts of money from businesses around the world. A similar development is taking place with malware’s upstart cousin – the emergence of malicious packages being uploaded to package registries.

Read Post

Why You Need to Ditch Passwords, Private Keys, and All Other Forms of Secrets

Aug 18, 2022 By Teleport In Teleport
Despite the steady drumbeat of news stories on security breaches caused by compromised credentials, 70% of teams still use secrets such as private keys or passwords to grant infrastructure access. In this webinar, we’ll cover why all forms of secrets are bad for you and your business, and why MFA is not good enough. We'll cover how the adoption of Passwordless Authentication and related hardware technologies like TPMs and HSMs fix a slew of problems, including making phishing attacks a thing of the past.
View Video

Signing Kubernetes with Sigstore

Aug 17, 2022 By Snyk In Snyk
Adolfo García Veytia, Staff Software Engineer at ChainGuard and Tech Lead on the Kubernetes SIG-Release team, joins Eric and Kyle to talk about how they were able to tackle signing all of the Kubernetes v1.24 image artifacts using Sigstore. Then we will demonstrate signing an image and vulnerability scan result attestations with Sigstore's cosign utility.
View Video

Copyright © 2026 OpsMatters™. All rights reserved.