Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

User Office Hours | How to Secure CI/CD Pipeline w/ GitHub Actions & Snyk | Mar 23, 2022

This User Office Hours session covers how to build a secure CI/CD Pipeline with GitHub Actions and Snyk. First, we'll build a demo application. Then, we'll walk through how to test for security issues using Snyk Open Source and Snyk Code. We'll then go on to deploy a container image. Missed the live stream? Feel free to ask questions in the comment section, and we'll do our very best to answer them.

State of Zero Trust adoption in Australia

Zero Trust, a phrase coined by Forrester in 2009, is not a commonly used cybersecurity strategy in Australia and the Asia-Pacific region. In the United States, large technology companies and the federal government have been eager to adopt Zero Trust. But in Australia and New Zealand, Zero Trust adoption has been prolonged. People were confused about what Zero Trust means.

Coffee Talk with SURGe: DOJ China Espionage, Drizly Complaint, Text4Shell, U.S. Midterm Elections

Grab a cup of coffee and join Ryan Kovar, Mick Baccio, and Audra Streetman for another episode of Coffee Talk with SURGe. The team from Splunk will discuss the latest security news, including: Mick and Ryan competed in a 60 second charity challenge to share their take on the issue of victim-blaming for phishing attacks. The episode ends with a deep dive on cyber threats ahead of the U.S. midterm elections on Nov. 8.

JFrog Advanced Security

Introducing JFrog Advanced Security, the world’s first DevOps-centric security solution designed to control and protect your software supply chain from code to containers to production. As part of JFrog Xray and integrated into the universal JFrog DevOps Platform, these security features focus at the binary level, revealing issues that are not visible in source code alone. These new features go beyond the traditional software composition analysis (SCA) capabilities of JFrog Xray, with a focus on container security.

How to Set Up a Fuzz Test in Easy 6 Steps

In this tutorial, I will show you how to set up and run a fuzz test on a C/C++ application with the CI Fuzz CLI. The CI Fuzz CLI is an easy-to-use fuzzing tool that enables you to integrate and run fuzz tests directly from your command line. I chose this tool for this tutorial on how to set up a fuzz test as it is particularly user-friendly and allows developers to set up and run a fuzz test with only three commands.