Despite years of effort encouraging a DevSecOps approach, development and security teams tend to remain divided. For example, according to 2020 research, 65% of security professionals reported that their companies had successfully shifted security left. Good, right? But the same research also shows that almost a third of people believe the security team is primarily responsible for security — despite shifting left.

The Kubernetes community is ready for the last release of 2022—version 1.26. Since its beginning, Kubernetes has been a place of constant change and improvement. The platform evolves and matures with every new API change and bug fix. In this release, there are 38 tracked enhancements in addition to a large number of bug fixes. In this article, we will focus on some highlighted enhancements, important deprecations, and removals so that you can be confident before upgrading your clusters.

Cyberattacks are still big business and on the rise. Despite substantial increases in cybersecurity spending, many businesses aren’t taking enough action to mitigate their risks. While a significant data breach in itself is a scary concept, the costs of inaction and the subsequent charges associated with investigations, penalty fines and reputational damage should worry you even more.

"People tell you who they are, but we ignore it, because we want them to be who we want them to be.” - Don Draper Earlier this year we announced some security enhancements to how we handle submissions to Splunkbase. The simple statement is we are making things faster/cheaper/better where Splunkbase security is concerned. Faster in that it takes less time for a developer to get an app into our platform. Cheaper in that it’s more automated.

Due to the growing acceptance of distance learning, digital courses, and most recently, the COVID-19 epidemic, online education has seen a significant increase. Online student identity verification has become more popular as a quick and secure method of verifying student IDs and a cost-effective approach to onboarding new students and employees. The rapidly disappearing manual and paper-based student verification procedures are neither scalable nor practical for educational institutions.

Kroll analysts have identified new tactics used by threat actors associated with the AvosLocker ransomware. Critical vulnerabilities have been exploited within Veeam Backup and Replication, which may be an attempt to hide activity from detection technologies. The proxy tool “Chisel” has been identified, which can encrypt traffic through a victim’s firewall and could be used as a further evasion technique.

The healthcare industry has been a favored target for cybercriminals for many years. In the first half of 2022 alone, 324 attacks against healthcare organizations have been reported. Attackers have primarily focused on large hospitals in years past, but there has been a sudden switch to smaller healthcare companies and specialty clinics. There seems to be a clear trend in attacks against the healthcare industry, and that trend includes targeting smaller healthcare companies and clinics.

As the years go by, technology continues to evolve, and as we rely more and more on smart devices and the online space, there becomes greater risks of cyberattacks. If you work as a cybersecurity professional, then you are fighting the good fight, but it isn’t always easy. The job is unpredictable, and it requires odd hours and constant vigilance.

Being a developer, it has become your moral responsibility to offer clean and safe software products for users to install on their systems. You can easily tackle this by signing your software code and other executables with a digital security certificate.