St. Charles, MO, USA
Jun 28, 2022   |  By Yagel Sheli
The gap between Product Managers (PM) and R&D managers has existed since the beginning of the software industry. The PM wants to create the perfect product for their users, add shiny new features all the time, and support as many types of users as possible – while still maintaining a product that is well suited to them. PMs want to move fast. Devs, on the other hand, want to close tech debt, maintain a stable, secure, and robust system, and test every change extensively.
Jun 24, 2022   |  By Rezilion
This is the second installment in a series about making DevSecOps work in your organization. In a previous post, we covered the first pillar of the DevSecOps model—discovery. In this post we discuss the second, which is validation. The reason this phase is so important to the DevSecOps model and for successful vulnerability management is that it’s the point where the software flaws that represent true risks are separated out from those that are not serious security risks.
Jun 23, 2022   |  By Mier Tapiro
Our lives revolve around measuring things on a daily basis. Comparisons between today and yesterday, between different resources – a bevy of factors. On average, a person makes about 35,000 decisions a day, and many of these require comparison tools to make the right decision. Technological advances today are faster than ever, and as a result, devices and other assets are rapidly improving.
Jun 22, 2022   |  By John Vassiliou
Companies are increasingly turning to a Software Bill of Materials (SBOM) to provide them with information about what is in their individual software environment. SBOMs have already shown promising results. In a study from the Linux Foundation, over 44% of respondents said that an SBOM improves some aspects of their development processes.
Jun 21, 2022   |  By Rezilion
This is part of an ongoing series from Rezilion titled Enlightened Engineering: Reflections From Rezilion’s Tech Team. By: Ofri Ouzan, Security Researcher, Rezilion
Jun 15, 2022   |  By John Vassiliou
Despite the time that’s passed between its discovery and today, Log4Shell continues to plague the tech industry. The number of downloads of exploitable Log4j packages has remained consistent, and because it nests itself deep in files, it is often difficult for current tools to find vulnerabilities. A recent report from Rezilion finds that almost 60% of packages affected by the vulnerability remained untouched, and over 90,000 publicly facing servers are still running obsolete versions of Log4j.
Jun 14, 2022   |  By Rezilion
By Cybernews Team. Every company these days either develops or purchases software to help them run more efficiently. Everything is powered by software, from infrastructure and commerce to financial systems and healthcare. Having said that, the threat landscape is also constantly shifting with the software. Hence, companies need to understand the sources of software vulnerabilities and act on them. That involves acquiring quality security tools and various DevSecOps solutions.
Jun 14, 2022   |  By Rezilion
This is the first installment in a series about making DevSecOps work in your organization. The DevSecOps model, a key to enhancing software security at all phases of the development lifecycle, includes four pillars: discovery, validation, prioritization and remediation. These are vital for eliminating vulnerabilities from software products in a way that does not overly tax development and security team resources or lead to higher costs, greater friction and reduced productivity.
Jun 13, 2022   |  By Rezilion
Software attack surface management (SASM) provides an effective way to secure software throughout an organization’s software development life cycle (SDLC). Rezilion’s dynamic software bill of materials (Dynamic SBOM) effectively implements SASM for practical enterprise environments, according to a new report from cybersecurity research and advisory firm TAG Cyber.
Jun 9, 2022   |  By Bareket Sarusi
Whoever you are, whether you’re a developer who intends to contribute to a project or a researcher who seeks to reveal how a project works, consider this: when it comes to facing a large codebase, understanding how the project’s package dependency resolution works is one of the most important and underrated steps, and one that is easy to skip.
Jun 23, 2022   |  By Rezilion
View this on-demand webinar and learn.
Jun 23, 2022   |  By Rezilion
The recently discovered flaw in Apache’s Log4j software continues to stress security teams and put many organizations at risk. Because Log4j is very difficult to detect, many scanners may not detect it. Rezilion researchers conducted a survey using multiple open source and commercial scanning tools and assessed the tools against a dataset of packaged Java files where Log4j was nested and packaged in various formats. While no scanner was able to detect Log4j in all formats initially, several scanner makers were quick to respond and update their technology to find the bug.
Apr 8, 2022   |  By Rezilion
View this video to see a demo of the Rezilion Platform and how it deploys in AWS.
Mar 23, 2022   |  By Rezilion
View a demonstration of Rezilion's integration with GitLab to see how you can reduce patching efforts by 70% so you can code more, release faster, and patch less.
Jan 27, 2022   |  By Rezilion
A new vulnerability, PWNKIT, is on the horizon. View this video to see how Rezilion can help you detect PWNKIT using our dynamic Software Bill of Materials (SBOM).
Jan 18, 2022   |  By Rezilion
View a demonstration of Rezilion's integration with GitLab to see how you can reduce patching efforts by 70% so you can code more, release faster, and patch less.
Dec 22, 2021   |  By Rezilion
Open source code is frequently used in app development and can introduce vulnerabilities into environments, making them easy for cybercriminals to exploit. View the replay of this panel discussion to learn how your organization can reduce security risks.
Dec 22, 2021   |  By Rezilion
Watch this replay for ‘How-To’ Cloud Security knowledge to help teams reduce ongoing operations and administrative costs, increase reliability and availability, and more easily scale as you embrace the benefits of cloud computing.
Dec 22, 2021   |  By Rezilion
With hackers waiting to exploit any weaknesses, it's no surprise that application security has become one of the industry’s top priorities. Watch this webinar replay and gain timely ‘how-to’ AppSec knowledge that will help you protect your web applications and improve their overall security—you'll even learn some tricks and tips of your own to outwit hackers.

Rezilion’s autonomous cloud workload protection platform instantly shrinks your attack surface while enabling developers to push code freely.

Rezilion is a stealth-mode cyber-security start-up created by successful serial entrepreneurs. Rezilion develops cutting-edge technology that makes cloud environments self-protecting and resilient to cyber-attacks.

Security at Cloud Speed and Scale:

  • Dynamic Whitelisting & Application Control: By statically analyzing CI/CD pipeline artifacts (code repositories, VM and container image repositories, etc.), Rezilion determines the correct state for every production instance and assures that each is behaving exactly as programmed.
  • Hardening & Vulnerability Management: Vulnerabilities, known and unknown, are part of the DevOps life. Unfortunately, they can’t be fixed all at once. Rezilion makes living with vulnerabilities manageable by reducing the vulnerable attack surface — as well as the tension between DevOps and Security teams.
  • Exploit Prevention & Memory Protection: Rezilion continuously assesses the integrity of hosts, virtual machines, and containers, providing broad protection against attacks without the overhead and complexity of legacy solutions.
  • Change Control & Access Management: Immutability is a shared goal for developers, IT, and security. However, few production environments are completely immutable. Rezilion helps control and document any manual change that bypasses the CI/CD pipeline.

Effortlessly reduce your attack surface.