Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Becoming PCI DSS compliant can be a long journey and we like to begin, possibly controversially, with requirement 12 of the 12 PCI DSS Compliance Requirements. This requirement includes information security governance and there's a lot in there about your security policies. Why begin here, you might ask? Well, watch on...

How does a team-centric collaboration focus change how a team maintains the security of the code? In this fireside chat, Patrick Debois, Snyk Labs Researcher, joins Anders Wallgren, Vice President of Technology Strategy at CloudBees. to explore this theme. They discuss what's new and changing with application security and what have we learned from DevOps that organizations can and should apply to DevSecOps.

We have been witnessing an ever-growing amount of supply chain security incidents in the wild. And now, those incidents are starting to extend to the place where developers spend most of their time: their integrated development environment, and specifically the Visual Studio Code IDE. Recently, Snyk has discovered and disclosed vulnerabilities that pose a real and imminent threat to developers who use these extensions. The potential compromise is so significantly severe that a remote code execution on a developer’s machine is possible by simply tricking the developer to click a link.

Docs: https://goteleport.com/docs/setup/guides/terraform-provider/

Watch this tutorial to learn about Command Injection and better understand the risk it brings to the security of your applications.