%term

Learning application security by finding and fixing insecure code in OWASP NodeGoat

Jul 6, 2021 By Snyk In Snyk

Wouldn't it be great if we, developers, learn about application security by training on purposely-built vulnerable applications rather than finding our mistakes in production? Yes, we think so too. In this session, we welcome Priscila Oliveira, Software Engineer at Sentry and core contributor of open source npm proxy project Verdaccio, to chat about her appsec experiences as developer, and learn together about secure coding practices, how to hack a live application, open source vulnerabilities and how to fix them.

View Video

Snyk

Read more about Learning application security by finding and fixing insecure code in OWASP NodeGoat

Use the Jenkins Credentials Binding Plugin to Protect Your Veracode Credentials

Jul 6, 2021 By Veracode In Veracode

In this video, you will learn how to: You can use the Jenkins Credentials Binding Plugin to hide your Veracode API credentials from the Jenkins interface and logs. You use the plugin to associate, or bind, your Veracode API credentials to environment variables and save them to the Jenkins credentials store. During a build, Jenkins uses the environment variables to secretly access your credentials. The Jenkins interface and logs only show the bound environment variables.

View Video

Veracode

Read more about Use the Jenkins Credentials Binding Plugin to Protect Your Veracode Credentials

JFrog And Red Hat DevSecOps Security Series

Jul 6, 2021 By JFrog In JFrog

Accurately detecting and mitigating security vulnerabilities is critical for any enterprise. JFrog’s ongoing collaboration with Red Hat provides the DevOps community with enterprise-grade DevSecOps capabilities, enabling you to deliver high-quality, and more secure software, anywhere. As part of the Red Hat DevSecOps Security Series, Join us on July 1st for JFrog & Red Hat’s perspective on application analysis and how JFrog’s recently achieved Vulnerability Scanner Certification helps identify vulnerabilities in applications, images and configurations early in your lifecycle.

View Video

JFrog

Read more about JFrog And Red Hat DevSecOps Security Series

Networking with a Service Mesh: Use Cases, Best Practices, and Comparison of Top Mesh Options

Jul 4, 2021 By Amir Kaushansky In ARMO

Service mesh technology emerged with the popularization of microservice architectures. Because service mesh facilitates the separation of networking from the business logic, it enables you to focus on your application’s core competency. Microservice applications are distributed over multiple servers, data centers, or continents, making them highly network dependent.

Read Post

ARMO

Read more about Networking with a Service Mesh: Use Cases, Best Practices, and Comparison of Top Mesh Options

Calligo wins at the DevOps Excellence Awards 2021

Jul 1, 2021 By Will Gardiner In Calligo

Calligo wins ‘Best DevOps Transformation’ up against a heavyweight shortlist including IBM, Infosys, Sky, Accenture and Telefonica. Computing’s annual DevOps Excellence Awards aim to recognise and celebrate the best DevOps deployments, teams, outcomes and impacts in business over the last 12 months. Calligo was shortlisted in the Best DevOps Transformation category, alongside such industry heavyweights as IBM, Infosys, Sky, Accenture and Telefonica.

Read Post

Calligo

Read more about Calligo wins at the DevOps Excellence Awards 2021

Talking visibility, scalability, and relationships in secure development with Phil Guimond of ViacomCBS

Jul 1, 2021 By Simon Maple In Snyk

I recently caught up with Phil Guimond, Principal Cloud Security Architect at ViacomCBS. He describes his role as a fancy way of saying he likes to be involved in All The Things™. This includes cloud security and architecture, application security, penetration testing, and digital forensics and incident response, and even vendor reviews and risk management from time to time. He works in a very cross-functional team. We had a great discussion, and I wanted to share it with all of you.

Read Post

Snyk

Read more about Talking visibility, scalability, and relationships in secure development with Phil Guimond of ViacomCBS

What Is Penetration Testing? A Detailed Guide

Jul 1, 2021 By Patricia Johnson In Mend

Penetration testing is a common technique used to analyze the security posture of IT infrastructure. Web application penetration testing can assist you in identifying the potential security weaknesses in your web-based applications so that they can be fixed before attackers exploit them.

Read Post

Mend

Read more about What Is Penetration Testing? A Detailed Guide

6 Ways to Support a Remote DevOps Team

Jun 30, 2021 By Chester Avey In SecuritySenses

Remote working is here to stay, so it's vital that businesses understand how to get the best out of their staff. For some roles, working remotely is easier than others - DevOps employees, for example, can face challenges if they're not fully supported within the organisation. In a distributed workforce, there's a higher risk of security issues and application problems, so it's crucial that organisations support them to keep the organisation running smoothly. Here are 6 ways to do just that.

Read Post

SecuritySenses

Read more about 6 Ways to Support a Remote DevOps Team

Snyk at RSAC 2021 - ML in SAST: Distraction or Disruption

Jun 30, 2021 By Frank Fischer In Snyk

Machine learning is a loaded term. While machine learning offers amazing potential for advancing technologies, it often gets used as a marketing buzzword describing glorified pattern recognition. So it becomes increasingly difficult to know if the application of machine learning to existing technology is going to break new ground or sell more licenses. That’s the problem that Frank Fischer, Product Marketing for Snyk Code, explores in his RSAC 2021 talk ML in SAST: Disruption or Distraction.

Read Post

Snyk

Read more about Snyk at RSAC 2021 - ML in SAST: Distraction or Disruption

Tokens, TLS and Teleport

Jun 30, 2021 By Teleport In Teleport

This webinar is a deep dive into how to use Tokens to add resources to Teleport. Into a range of options and operational best practices for securing tokens. This webinar will be useful for people getting started with Teleport and we’ll cover some advanced deployment issues and real-world scenarios with Steven Martin.

View Video

Teleport

Read more about Tokens, TLS and Teleport

Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Learning application security by finding and fixing insecure code in OWASP NodeGoat

Use the Jenkins Credentials Binding Plugin to Protect Your Veracode Credentials

JFrog And Red Hat DevSecOps Security Series

Networking with a Service Mesh: Use Cases, Best Practices, and Comparison of Top Mesh Options

Calligo wins at the DevOps Excellence Awards 2021

Talking visibility, scalability, and relationships in secure development with Phil Guimond of ViacomCBS

What Is Penetration Testing? A Detailed Guide

6 Ways to Support a Remote DevOps Team

Snyk at RSAC 2021 - ML in SAST: Distraction or Disruption

Tokens, TLS and Teleport

Monthly Archive

Follow Us