Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

[Webinar] Detecting intrusion in DevOps environments with AWS canary tokens

Jul 27, 2022 By GitGuardian In GitGuardian
Last year, hardcoded secrets made it 2nd to the OWASP Top 10 Web Application Security Risks. This year, the vulnerability gained a spot and now ranks 15th on the MITRE CWE Top 25 Most Dangerous Software Weaknesses. Needless to say, no organization wants to have its secrets exposed during software development. But what if I told you security teams could use hardcoded secrets to their advantage? Join me on Wednesday, July 27th, for a live discussion with Eric Fourrier, CTO at GitGuardian, on how to detect compromised developer and DevOps environments with canary tokens.
View Video
mend

How attackers leverage example apps/reproduction scripts to attack OSS maintainers

Jul 26, 2022 By Maciej Mensfeld In Mend

A possible method of attacking your code base is a bit of social engineering that involves using open source to report potential bugs in software that provides reproduction applications. These applications can include malicious code that can compromise your software and applications. In the blog post, we’ll briefly look at why and how they operate, and how to mitigate this practice.

Read Post
armo

The New Kubernetes Gateway API and Its Use Cases

Jul 25, 2022 By Leonid Sandler In ARMO
Despite being a large open-source and complex project, Kubernetes keeps on evolving at an impressive pace. Being at the center of various platforms and solutions, the biggest challenge for the Kubernetes project is to remain vendor-neutral. This is the reason the community has come up with Kubernetes Gateway API.
Read Post
teleport

Securing MySQL Databases with SSL/TLS.

Jul 25, 2022 By Ben Arent In Teleport

Many databases were born over 25 years ago, back in the unadulterated times of LAN parties and IRC. SSL was just for banks and sending unencrypted database traffic accounts was just how you did things. When databases use unencrypted connections, it means someone with access to the network could watch all and inspect all database traffic.

Read Post
teleport

Production MySQL SSL with Teleport Machine ID

Jul 25, 2022 By Ben Arent In Teleport

In the first part of this blog post, we setup SSL/TLS for a MySQL database, using the built in self-signed certificates. The main problem using out of the box self-signed certificates is that clients can't verify that they're talking to the right database host, and it's not possible to verify the certificate chain. In this post we'll cover upgrading the client connection to VERIFY_IDENTITY and how to use Machine ID to continuously renew certificates.

Read Post
CalCom

Which TLS version is obsolete?

Jul 25, 2022 By John Gates In CalCom
Transport Layer Security is a security protocol used for facilitating seamless and safe communication between servers and web browsers. Put it his way, TLS encrypts data so that only the intended recipient and the sender can access it. Currently, TLS 1.2 and TLS 1.3 are the most commonly used TLS versions. After some major upgrades, TLS’s 1.3 version has emerged as one of the most extensively used and the safest security protocols for websites that need a high-end encryption service.
Read Post
tripwire

How DevOps and CIS Security Controls Fit Together

Jul 25, 2022 By Anthony Israel-Davis In Tripwire

The Center for Internet Security’s Critical Security Controls has become an industry standard set of controls for securing the enterprise. Now on version 8, the original 20 controls are down to 18 with several sub controls added. The first six basic controls can prevent 85 percent of the most common cyber attacks, and even though the controls have been developed with traditional data centers and process in mind, there is no reason they can’t be adapted to DevOps practices.

Read Post

Copyright © 2026 OpsMatters™. All rights reserved.