%term

CVE-2021-38297 - Analysis of a Go Web Assembly vulnerability

Aug 30, 2022 By Uriya Yavnieli In JFrog

The JFrog Security Research team continuously monitors reported vulnerabilities in open-source software (OSS) to help our customers and the wider community be aware of potential software supply chain security threats and their impact. In doing so, we often notice important trends and key learnings worth highlighting.

Read Post

JFrog

Read more about CVE-2021-38297 - Analysis of a Go Web Assembly vulnerability

Rethinking security roles and organizational structure for the cloud

Aug 30, 2022 By Ratan Tipirneni In Tigera

As more and more applications and application development move to the cloud, traditional security roles and organizational structures are being shaken up. Why is that and what are the benefits of a cloud-first approach for business?

Read Post

Tigera

Read more about Rethinking security roles and organizational structure for the cloud

Authenticated | Arctic Wolf

Aug 30, 2022 By Arctic Wolf In Arctic Wolf

In the first episode of Authenticated, Arctic Wolf Chief People Officer Dan Schiappa and Arctic Wolf Research and Development VP Daniel Thanos, detail the unique opportunity that Arctic Wolf Labs has to help reduce alert fatigue for security practitioners, serve the public good, and lead the industry in innovation by combining leading-edge AI with human intelligence.

View Video

Arctic Wolf

Read more about Authenticated | Arctic Wolf

There's No Such Thing as "Shadow IT." It's Business IT.

Aug 30, 2022 By Mike Anderson In Netskope

How does an application find its way into a company? In most cases today, people don’t start by searching through their organization’s catalog of approved applications.

Read Post

Netskope

Read more about There's No Such Thing as "Shadow IT." It's Business IT.

XDR: Why open is better than closed

Aug 30, 2022 By Kate Brew In AT&T Cybersecurity

In a new 12-minute video Rakesh Shah AVP Product Management and Development of AT&T Cybersecurity, explains Extended Detection and Response (XDR). This video was part of the virtual Black Hat USA event in August. It’s not product-specific and explains what can be a very confusing concept in a delightfully simple way.

Read Post

AT&T Cybersecurity

Read more about XDR: Why open is better than closed

Securing container applications using the Snyk CLI

Aug 30, 2022 By Hadar Mutai In Snyk

When scanning an image you probably want to scan for both operating system vulnerabilities and vulnerabilities in the application dependencies (like npm, pom.xml, package.json etc), in order to get a full picture of the security issues within your images. Until now, when using the Snyk Container test/monitor commands to scan images you had to specify the --app-vulns flag in order to scan for application vulnerabilities.

Read Post

Snyk

Read more about Securing container applications using the Snyk CLI

Everything You Need to Know About CI/CD and Security

Aug 30, 2022 By Anastasios Arampatzis In Tripwire

CI/CD is a recommended technique for DevOps teams and a best practice in agile methodology. CI/CD is a method for consistently delivering apps to clients by automating the app development phases. Continuous integration, continuous delivery, and continuous deployment are the key concepts. CI/CD adds continuous automation and monitoring throughout the whole application lifetime, from the integration and testing phases to delivery and deployment.

Read Post

Tripwire

Read more about Everything You Need to Know About CI/CD and Security

How to build a Slack bot with Zapier and JavaScript to fetch trending topics on Reddit

Aug 30, 2022 By Liran Tal In Snyk

Reddit is a good place to stay in the loop when it comes to web development news, and if you’re like me, you probably follow subreddits like r/node or r/javascript. I recently found a great way to build a Zapier Reddit integration with just my JavaScript knowledge — so I can share those trending Reddit posts in my team’s channel. In this article you’ll learn.

Read Post

Snyk

Read more about How to build a Slack bot with Zapier and JavaScript to fetch trending topics on Reddit

60 Second Charity Challenge: Password Managers

Aug 30, 2022 By Splunk In Splunk

In this 60 second charity challenge benefiting the GAVI Alliance, Mick and Ryan explain why they think it's worth it to use a password manager.

View Video

Splunk

Read more about 60 Second Charity Challenge: Password Managers

A Day In The Life of A CISO - Chris Hughes

Aug 30, 2022 By Snyk In Snyk

Snyk helps software-driven businesses develop fast and stay secure. Continuously find and fix vulnerabilities for npm, Maven, NuGet, RubyGems, PyPI and more.

View Video