DevSecOps

Data Flow Mapping: Why It Matters and How to Do It

Jul 28, 2022 By Guest Contributor In Bearer

Working with data is something that requires a lot of care and precision, yet it often remains an under-scrutinized aspect of DevSecOps. This is because it requires focusing on many moving parts. You need to know exactly when data events occur, what parties are involved, and how they send and store data. In any process with more than minimal complexity, this is a huge web of events. Data flow mapping is the key to detangling that web.

Read Post

Bearer

Read more about Data Flow Mapping: Why It Matters and How to Do It

Snyk Unveils Snyk Cloud, the Industry's First Developer-Centric Cloud Security Solution

Jul 26, 2022 By Snyk In Snyk

New Product Secures the Cloud from Code Through Runtime, Facilitating DevSecOps Collaboration.

Read Post

Snyk

Read more about Snyk Unveils Snyk Cloud, the Industry's First Developer-Centric Cloud Security Solution

CrowdStrike Expands CNAPP Capabilities to Secure Containers and Help Developers Rapidly Identify and Remediate Cloud Vulnerabilities

Jul 26, 2022 By CrowdStrike In CrowdStrike

Expansion of agent-based and agentless protection provides support for Amazon ECS allowing DevSecOps teams to build even more securely on AWS environments.

Read Post

CrowdStrike

Read more about CrowdStrike Expands CNAPP Capabilities to Secure Containers and Help Developers Rapidly Identify and Remediate Cloud Vulnerabilities

Wet signatures cost more than you might think

Jul 25, 2022 By Rob Brown In DataTrails

Speaking to people on our neighbouring booths at the UK nuclear decommissioning event, it was clear to see the entire industry is drowning in paperwork.

Read Post

DataTrails

Read more about Wet signatures cost more than you might think

5 Essential Skills to Become a DevSecOps Engineer

Jul 22, 2022 By Barış Ekin Yıldırım In Kondukto

Security has become increasingly integrated with software development over the last few years, and the software industry needed a new role to own secure software development processes. As a result, DevSecOps Engineer role has emerged and gained popularity in the last decade. DevSecOps is the abbreviation of three words; Development, security, and operations, and it aims to develop applications more securely in the software development life cycle (SDLC).

Read Post

Kondukto

Read more about 5 Essential Skills to Become a DevSecOps Engineer

Webinar recap: Snyk and the new era of software security

Jul 21, 2022 By Sarah Wills In Snyk

Snyk’s Senior Product Marketing Manager, Frank Fischer, recently hosted a webinar about the value in using a developer security platform to secure code, dependencies, containers, and infrastructure as code (IaC). During this talk, Fischer discussed the shift in software security that has occurred over the past decade, the need for developers to take part in the security process, and the value of Snyk in securing the entire development lifecycle.

Read Post

Snyk

Read more about Webinar recap: Snyk and the new era of software security

How To Put Cloud Nimble to Work to Shift Left Security

Jul 20, 2022 By John Cabaniss and Gianni Truzzi In JFrog

Shifting security left means preventing developers from using unacceptably vulnerable software supply chain components as early as possible: before their first build. By helping assure that no build is ever created using packages with known vulnerabilities, this saves substantial remediation costs in advance. Some JFrog customers restrict the use of open source software (OSS) packages to only those that have been screened and approved by their security team.

Read Post

JFrog

Read more about How To Put Cloud Nimble to Work to Shift Left Security

Rezilion|Gitlab integration

Jul 13, 2022 By Rezilion In Rezilion

View a demonstration of Rezilion's integration with GitLab to see how you can reduce patching efforts by 85% so you can code more, release faster, and patch less.

View Video

Rezilion

Read more about Rezilion|Gitlab integration

Rezilion Unveils Broad Lineup Platform Enhancements, Providing Organizations with Holistic and Automated Toolset to Accelerate Software Security

Jul 12, 2022 By Rezilion In Rezilion

Rezilion announces the full availability of its new, automated vulnerability management solution to identify, prioritize, and remediate vulnerable software.

Read Post

Rezilion

Read more about Rezilion Unveils Broad Lineup Platform Enhancements, Providing Organizations with Holistic and Automated Toolset to Accelerate Software Security

DevSecOps monitor and decommission

Jul 12, 2022 By Keith Thomas In AT&T Cybersecurity

This is the final article of the DevSecOps series and how it overlays onto DevOps lifecycle. In the first article, we discussed build and test in DevSecOps. In the second article, we covered securing the different components of the deploy and operate process. The final phases of the DevOps lifecycle are monitoring the deployed applications and eventually decommissioning when they are no longer needed.

Read Post