
How to Write Your First Rules in Rego, the Policy Language for OPA

Rego is the purpose-built declarative policy language that supports Open Policy Agent (OPA). It’s used to write policy that is easy to read and easy to write. Fundamentally, Rego inspects and transforms data in structured documents, allowing OPA to make policy decisions. Rego was originally inspired by Datalog, a common query language with a decades-long history, but extends its capabilities to support structured document models like JSON.

How to Record and Audit Amazon RDS Database Activity With Teleport

This blog is the final part of a series about secure access to Amazon RDS. In Part 1, we covered how to use OSS Teleport as an identity-aware access proxy to access Amazon RDS instances running in private subnets. Part 2 explained implementing single sign-on (SSO) for Amazon RDS access using Okta and Teleport. Part 3 showed how to configure Teleport access requests to enable just-in-time access requests for Amazon RDS access.

Bringing cloud native application security full circle

The cloud has enabled organizations to build and deploy applications faster than ever, but security has become more complex. The shift to cloud has created a world where everything is code — not just the applications, but also the infrastructure they run on. So, any security issue within an application or cloud environment can put an entire system at risk. And keeping that cloud native application stack secure is increasingly the responsibility of development teams.

Is VPN or Zero Trust Access Best for Remote Working Security?

The pandemic changed the way people work, and many companies have been fast to adapt to this shift in work culture by encouraging and promoting remote and hybrid work. Zero Trust Network Access (ZTNA) is gaining popularity as a secure alternative to corporate VPN-based access to internal application and network services.

Rise of the Secure Developer from Atlassian Team '22: Tomás González - Partner Solution Architect

In this talk, Tomás González, partner solutions architect at Snyk, discusses the rise of the security-conscious developer - someone who champions the use of new cloud technologies with a security mindset. This doesn’t mean developers are solely responsible for security risk management in isolation; secure developers are aware of risk management processes, are armed with the right technology to enforce them, and apply a shared-responsibility mentality to enable an agile, thriving secure business.

Enabling Self-Service Recovery in a Multi-Tenant Kubernetes Environment with CloudCasa and Capsule

At KubeCon Europe 2022, we held a virtual booth office hour session with our new partner Clastix. In this video, Dario Tranchitella, the lead architect for Capsule by Clastix, discusses and demonstrates how the combination of Capsule and CloudCasa provides easy self-service backup and recovery in a multi-tenant Kubernetes environment.

How Malicious NPM Packages Make Your Apps Vulnerable

Zbyszek Tenerowicz (a.k.a. ZB) teaches us how we, as developers, can be susceptible to malicious packages. We also see demos of what a malicious package can do, such as modifying code, tampering with package.json publish scripts, and more. You're sure to learn something new in this session and level up your developer security skills. This was a recorded livestream titled "My NPM Package Will Eat Your Lunch".

Introducing Mend Supply Chain Defender Integration with JFrog Artifactory

When it comes to understanding the difference between open source software vulnerabilities and malicious threats, it’s helpful to think in terms of passive vs. active threats. Vulnerabilities can be attacked and exploited, but in a vacuum don’t pose a threat. Malicious threats are different — they involve a threat actor actively planning to attack you.