Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

With 1Password Shell Plugins, you can forget about storing insecure plaintext keys on disk or manually typing credentials or MFA codes into your terminal. Instead, sign on to any CLI with your fingerprint. Install & configure the relevant plugins for your toolchain via the 1Password CLI and you’re all set. You can even build and contribute your own plugins as needed via the open-source community project.

Structure and Framework of a SOC2 Report

Whether you are training to become an information security professional or if you are more seasoned in the cyber security industry, this is an episode you don’t want to miss. In this episode, I am joined by Josh Davies and Keith Christie-Smith to talk about what the cyber security skills shortage means for the industry and how we can address this.

In this livestream we are joined by Adolfo Veytia, Staff Software Engineer at ChainGuard and Tech Lead on the Kubernetes SIG-Release team, as we talk about they were able to tackle signing all of the Kubernetes v1.24 image artifact using Sigstore. We then demonstrate signing an image and vulnerability scan result attestations with Sigstore's cosign utility. Didn't catch the live stream? Ask all of your Snyk questions and we’ll do our very best to answer them in the comment section.

CI Fuzz CLI is an open-source solution that lets you run feedback-based fuzz tests from your command line. Every developer can use it to find bugs and vulnerabilities with three simple commands. In this stream, I will demonstrate: 1) How to cover the current state of fuzz testing 2) How to set up CLI fuzzing within 3 commands 3) How to uncover multiple bugs and severe memory corruption vulnerabilities

On this week's episode, we cover the latest in car hacking, this time involving a vulnerability that could have given remote attackers full control over certain Hyundai models' doors, lights and engine. After that, we discuss the latest breach impacting a major password management app and how it's different from previous ones we've seen. We end with a discussion on the latest 'custom security solution' vendor selling spyware tools for profit.

About TrustCloud: Our mission is to make it effortless to earn trust in every business relationship. TrustCloud's Trust Assurance platform democratizes every company's ability to quickly and cost-effectively set up, test and get audited for security and compliance certifications, automatically respond to security questionnaires, and confidently share its compliance program with enterprise customers.

This video shows you how to use Python and Bytesafe to install secure packages.

State of Arizona and Arctic Wolf leaders share approaches to balancing cybersecurity compliance with multiple operational frameworks.

FirstBank CISO Brenden Smith and David Kruse, Arctic Wolf’s Tetra Defense executive, discuss strategies to improve cyber readiness — and meet increasingly stringent cyber insurance requirements.