Distributed containerized systems compose applications, resources, services, databases, and other artifacts. These components often need sensitive information such as user keys, passwords, API keys, and certificates to function properly. Secrets management is critical for adequately handling sensitive information and Kubernetes deployments often utilize their built-in Secrets resource type and associated RBAC controls but what if you aren’t deploying on Kubernetes?

AT&T Cybersecurity is pleased to announce a code-free way for our USM Anywhere customers to make their own API-driven log collectors and custom parsers. This big advancement in threat detection and response technology will make it possible for customers to collect information from a much larger variety of sources and SaaS services without having to request new integrations or log parsers.

If you’re an IT manager or business owner, chances are external security is always top of your mind. But lately, managing access control of documents for employees has become just as necessary to limit access to information and information processing systems. While cybersecurity breaches are a menacing threat, internal security problems can be equally devastating, making access control measures necessary to mitigate the risk of access without authorization.

Application developers have always had a tricky balance to maintain between speed and security, two requirements that may often feel at odds with each other. Practices that increase speed also pressure development teams to ensure that vulnerable code is identified and remediated without slowing development. As companies embrace digital transformation initiatives, the need to weave better security into developers’ workflows has only grown clearer.

TL;DR Fuzzing JavaScript is easy now In this post, we introduce you to our new open-source fuzzer for the JavaScript ecosystem, Jazzer.js. Jazzer.js is a coverage-guided, in-process fuzzer for the Node.js platform. It’s based on the experience we gathered developing its namesake Jazzer, our fuzzer for the JVM platform. Internally, Jazzer.js uses libFuzzer as a solid industry-standard engine and brings many of its instrumentation-powered mutation features to JavaScript.

In a perfect world, software developers would not only have an innate understanding of security but be able to create bulletproof code from the get-go.