I joined Devo in May of 2021 to lead the company’s FedRAMP efforts. After a lot of work from many talented, experienced people, we have reached our first public milestone. Devo is now officially listed as “In-Process” on the FedRAMP Marketplace! First, I want to thank the Small Business Administration (SBA) for being our FedRAMP sponsor. We couldn’t have achieved this initial milestone without their support.
The simplest way to manage and organize your Go dependencies is with a Go Repository. You need reliable, secure, consistent and efficient access to your dependencies that are shared across your team, in a central location. Including a place to set up multiple registries, that work transparently with the Go client. With the JFrog free cloud subscription, including JFrog Artifactory, Xray and Pipelines, you can set up a free local, remote and virtual Go Registry in minutes.
Enterprises today rely on partners and vendors to help manage their data. Some companies depend on third-party infrastructure for day-to-day operations, so understanding the regulations and protection standards that a service provider is promising to uphold is very important.
Access brokers have become a key component of the eCrime threat landscape, selling access to threat actors and facilitating myriad criminal activities. Many have established relationships with big game hunting (BGH) ransomware operators and affiliates of prolific ransomware-as-a-Service (RaaS) programs.
Adversaries are becoming more adept and sophisticated in their attacks. Taking advantage of vulnerabilities present in major software is often an attractive entry point for establishing a campaign within an enterprise environment. The CrowdStrike 2022 Global Threat Report highlights how adversaries continue to shift tradecraft and weaponize vulnerabilities to evade detection and gain access to critical applications and infrastructure.
I have seen quite a few articles of late proclaiming that a major cyberattack against Australia is imminent as a result of the ongoing situation in Ukraine, and in truth it's kind of riled me up a bit. The most recent announcements about Australia promising cyber support to Ukraine has increased speculation on this question.
Online privacy is no laughing matter, until it is. Now, we’re very serious about fundamental human digital rights and we work day and night to make sure our users' data is wrapped up safe and sound. But that said, sometimes you need to take a step back and relax. Yes, how corporations and governments track us online is horrifying. Of course, the erosion of personal privacy and individual freedoms is worrying. And yeah, the world and the internet are in rough shape right now.
Here’s the story of how a regular project management task resulted in me opening a pull request to an open source repository on GitHub. As a new member of Snyk’s Marketing team, I was recently involved in the preparation for The Big Fix, an event that brings together developers, DevOps, and security practitioners of all skill levels to help make the internet more secure by fixing vulnerabilities while having fun and being rewarded with swag.
