%term

How Malicious NPM Packages Make Your Apps Vulnerable

Jun 6, 2022 By Snyk In Snyk

Zbyszek Tenerowicz (a.k.a. ZB) teaches us how we can be susceptible to malicious packages as developers. We also see demos on the possibilities of what a malicious package can do such as modify code, package.json publish scripts and more. You're sure to learn something new in this session and level up your Developer security skills. This was a recorded livestream titled "My NPM Package Will Eat Your Lunch".

View Video

Snyk

Read more about How Malicious NPM Packages Make Your Apps Vulnerable

Instruqt Database Access Demo Intro

Jun 6, 2022 By Teleport In Teleport

https://play.instruqt.com/teleport/tracks/teleport-database-access-demo

View Video

Teleport

Read more about Instruqt Database Access Demo Intro

Introducing Mend Supply Chain Defender Integration with JFrog Artifactory

Jun 3, 2022 By Jack Marsal In Mend

When it comes to understanding the difference between open source software vulnerabilities and malicious threats, it’s helpful to think in terms of passive vs. active threats. Vulnerabilities can be attacked and exploited, but in a vacuum don’t pose a threat. Malicious threats are different —– they involve a threat actor actively planning to attack you.

Read Post

Mend

Read more about Introducing Mend Supply Chain Defender Integration with JFrog Artifactory

Amazon RDS Just-in-Time (JIT) Access With Teleport and Slack

Jun 3, 2022 By Janakiram MSV In Teleport

This blog is part three in a series about secure access to Amazon RDS. In Part 1, we covered how to use OSS Teleport as an identity-aware access proxy to access Amazon RDS instances running in private subnets. Part 2 explained implementing single sign-on (SSO) for Amazon RDS access using Okta and Teleport. In Part 3, we will guide you through the steps to configure privilege escalation for just-in-time access requests for Amazon RDS access.

Read Post

Teleport

Read more about Amazon RDS Just-in-Time (JIT) Access With Teleport and Slack

Software Supply Chain Security for Open Source Projects

Jun 2, 2022 By JFrog In JFrog

Attacks on the open-source value chain (OS supply chain) are becoming more sophisticated, and we, as software developers, are becoming the focus of these attacks. So what are the essential first steps, and what should you focus on? This raises the question of suitable methods and tools. At the same time, the company's strategic orientation must be considered in this security strategy. In the recent past, we have also learned that attacks are increasingly targeting individual infrastructure elements of software development, such as the classic CI/CD pipeline.

View Video

JFrog

Read more about Software Supply Chain Security for Open Source Projects

Code to cloud and back to code!

Jun 2, 2022 By Snyk In Snyk

Developer-focused security from code to cloud, and back to code. Snyk helps software-driven businesses develop fast and stay secure. Continuously find and fix vulnerabilities for npm, Maven, NuGet, RubyGems, PyPI and more.

View Video

Snyk

Read more about Code to cloud and back to code!

Developing Secure Software With Confidence

Jun 2, 2022 By Colleen Reidy In Veracode

Software development and security often have separate challenges and concerns. Developers are worried about pushing software to production in a timely manner. Security teams worry about the security of the code being pushed. Veracode offers a solution that meets the needs of both sides. On Peerspot, where Veracode is ranked number one in application security, users discuss how Veracode enables them to build an advanced application security program.

Read Post

Veracode

Read more about Developing Secure Software With Confidence

Software Supply Chain Security for Open Source Projects - it's time to prepare!

Jun 2, 2022 By JFrog In JFrog

Attacks on the open-source value chain (OS supply chain) are becoming more sophisticated, and we, as software developers, are becoming the focus of these attacks. So what are the essential first steps, and what should you focus on? This raises the question of suitable methods and tools. At the same time, the company's strategic orientation must be considered in this security strategy. In the recent past, we have also learned that attacks are increasingly targeting individual infrastructure elements of software development, such as the classic CI/CD pipeline.

View Video

JFrog

Read more about Software Supply Chain Security for Open Source Projects - it's time to prepare!

Introduction to Teleport

Jun 2, 2022 By Teleport In Teleport

Want to know how Teleport’s Access Plane technology replaces VPNs, shared credentials, and legacy privileged access management technologies, improving security and engineering productivity? Learn more about Teleport’s Certificate Authority and Access Plane for your infrastructure so you can: ➢ Set up single sign-on and have one place to access your SSH servers, Kubernetes, databases, Windows desktops, and web apps.➢ Use your favorite programming language to define access policies to your infrastructure.➢ Share and record interactive sessions across all environments.

View Video

Teleport

Read more about Introduction to Teleport

NPM Dependency Confusion

Jun 1, 2022 By Snyk In Snyk

Snyk helps software-driven businesses develop fast and stay secure. Continuously find and fix vulnerabilities for npm, Maven, NuGet, RubyGems, PyPI and more.

View Video

Snyk

Read more about NPM Dependency Confusion

Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

How Malicious NPM Packages Make Your Apps Vulnerable

Instruqt Database Access Demo Intro

Introducing Mend Supply Chain Defender Integration with JFrog Artifactory

Amazon RDS Just-in-Time (JIT) Access With Teleport and Slack

Software Supply Chain Security for Open Source Projects

Code to cloud and back to code!

Developing Secure Software With Confidence

Software Supply Chain Security for Open Source Projects - it's time to prepare!

Introduction to Teleport

NPM Dependency Confusion

Monthly Archive

Follow Us