%term

Last year, hardcoded secrets made it 2nd to the OWASP Top 10 Web Application Security Risks. This year, the vulnerability gained a spot and now ranks 15th on the MITRE CWE Top 25 Most Dangerous Software Weaknesses. Needless to say, no organization wants to have its secrets exposed during software development. But what if I told you security teams could use hardcoded secrets to their advantage? Join me on Wednesday, July 27th, for a live discussion with Eric Fourrier, CTO at GitGuardian, on how to detect compromised developer and DevOps environments with canary tokens.

View Video

GitGuardian

Read more about [Webinar] Detecting intrusion in DevOps environments with AWS canary tokens

What's New in Teleport 10

Jul 27, 2022 By Sakshyam Shah In Teleport

This post introduces all the features released in Teleport 10. Teleport 10 includes version 10.0, 10.1, 10.2 and 10.3. You can always find an up-to-date status of Teleport releases in our docs. Teleport 10 is the biggest release so far in the history of Teleport in terms of feature sets. Before we dive into all the Teleport 10 features, let me first introduce you to...

Read Post

Teleport

Read more about What's New in Teleport 10

How to Access Infrastructure Without Usernames and Passwords

Jul 27, 2022 By Ev Kontsevoy In Teleport

A password is a secret, and a secret can be lost, stolen or traded on dark web marketplaces. Most engineers know this, that’s why every SSH tutorial begins with the instructions for disabling passwords and enabling private/public key pairs. But a private key is just another form of a secret. In this article, I will try to explain why all forms of secrets are bad for you.

Read Post

Teleport

Read more about How to Access Infrastructure Without Usernames and Passwords

The Developer's Guide to IaC Scanning

Jul 27, 2022 By Eyal Katz In Spectral

IaC (infrastructure as code) is the latest tool to transform the face of IT infrastructure – in a nutshell, it means managing and provisioning infrastructure through code instead of manual processes. IaC provides developers with a blueprint that allows them to create tools and provision infrastructure on-demand while staying in control, increasing efficiency, and maintaining consistency when deploying updates and changes.

Read Post

Spectral

Read more about The Developer's Guide to IaC Scanning

Stranger Danger: Your JavaScript Attack Surface Just Got Bigger

Jul 27, 2022 By Snyk In Snyk

Snyk helps software-driven businesses develop fast and stay secure. Continuously find and fix vulnerabilities for npm, Maven, NuGet, RubyGems, PyPI and more.

View Video

Snyk

Read more about Stranger Danger: Your JavaScript Attack Surface Just Got Bigger

Snyk Demo in 20 Minutes | 2022

Jul 26, 2022 By Snyk In Snyk

Snyk helps software-driven businesses develop fast and stay secure. Continuously find and fix vulnerabilities for npm, Maven, NuGet, RubyGems, PyPI and more.

View Video

Snyk

Read more about Snyk Demo in 20 Minutes | 2022

Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Teleport: Getting started on a Linux Sever

Introducing Teleport 10 Passwordless

Teleport Resource Access Requests

Teleport 10

[Webinar] Detecting intrusion in DevOps environments with AWS canary tokens

What's New in Teleport 10

How to Access Infrastructure Without Usernames and Passwords

The Developer's Guide to IaC Scanning

Stranger Danger: Your JavaScript Attack Surface Just Got Bigger

Snyk Demo in 20 Minutes | 2022

Monthly Archive

Follow Us