Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Building Java applications today means that we take a step further from writing code. We use open-source dependencies, create a Dockerfile to deploy containers to the cloud, and orchestrate this infrastructure with Kubernetes. Welcome, you're a cloud native application developer! As developers, our responsibility broadened, and more software means more software security concerns for us to address.

Li Yuekang from NTU Singapore, & Dr. Sheikh Mahbub Habib from Continental present this talk. Software testing typically requires these three steps: Researchers have been focusing on improving the test case generation and execution feedback analysis while the topic of target program execution is under-studied, because executing the target program seems to be an easy task. However, through industry practice, they find that target program execution can be challenging for libraries or IoT software.

Collecting information on cyber threats and analysing data on a regular basis is essential to ensure your defenses are tight and to allow you to pre-empt potential attacks. Richard Cassidy and Josh Davies, experts in the cyber threat intelligence field, join us today to discuss how collaboration between cyber professionals when it comes to data and intelligence is essential for keeping your environment secure in a world where threats evolve on a daily basis.

A default Kubernetes cluster isn't safe by default. You have secrets in plain text, open and unencrypted pod to pod communication, insecure access, and much more to tighten down. In this video, we'll discuss 5 strategies to better secure your Kubernetes cluster from the outset.

CI/CD combines the practices of continuous integration (CI) and Continuous Delivery (CD) to allow DevOps teams to deliver code updates frequently, reliably, and quickly. CI/CD emphasizes automation throughout the development lifecycle (Buid, Test, Deploy). By replacing the manual efforts of traditional development, code releases can happen more frequently, and with less bugs and security vulnerabilities. At CrowdStrike, we focus on integrating security into the CI/CD pipeline. As part of the functionality of CrowdStrike’s Falcon Cloud Workload Protection (CWP), customers have the ability to create verified image policies to ensure that only approved images are allowed to progress through the CI/CD pipeline and run in their hosts or Kubernetes clusters.

In this video, learn the mission of Project Pyrsia, how it aids in securing the #softwaresupplychain and why it matters—from project partners at JFrog, DeployHub, and Oracle!

Grab a cup of coffee and join Ryan Kovar, Mick Baccio, and Audra Streetman for another episode of Coffee Talk with SURGe. The team from Splunk will discuss the latest security news, including: Mick and Ryan competed in a 60 second charity challenge about network surveillance. The group also discussed the possibility of Twitter implementing end-to-end encrypted messaging on the platform.

Response and recovery plans are crucial to reduce the severity and time of security incidents. But many organizations aren’t sure where to start in building their plans. Here are three tips for building a better recovery plan. Subscribe to our channel to get more useful content to help you protect your organization.

Datadog Cloud Security Management provides security context for your observability data to help you quickly identify threats and misconfigurations across your infrastructure. In this demo, we show you how Cloud Security Management allows you to remediate threats, collaborate with other teams, and declare incidents for further investigation, giving you complete cloud-native application protection.

This week on the podcast we dive into the world of attack surface management. We discuss what your attack surface is made up of including some areas you may not have thought of and then cover the best ways to reduce and ultimately protect it. The 443 Security Simplified is a weekly podcast that gets inside the minds of leading white-hat hackers and security researchers, covering the latest cybersecurity headlines and trends.