At the Black Hat USA 2022 conference, IBM today revealed it is making available a toolkit for launching simulated attacks against source code management (SCM) platforms. The toolkit was launched as a proof-of-concept. Brett Hawkins, head of adversary simulation for the X-Force Red arm of IBM Security, said the SCMKit takes advantage of the REST […]
JFrog Aligns With AWS to Improve Cloud Application Security
At the AWS re:Inforce event this week, JFrog announced it integrated its JFrog Xray software composition analysis tool with AWS Security Hub, a cloud security posture management (CSPM) service that alerts IT teams whenever a security issue is detected. In addition, JFrog also announced it is participating in a preview of an AWS Marketplace Vendor […]
Scribe Security Unveils Pair of Tools to Secure Software Supply Chains
Scribe Security today unveiled a Scribe Integrity tool that scans software artifacts to make sure they comply with IT organizations’ security policies before they are integrated into an application. The Scribe Integrity tool authenticates open source and proprietary source code before it is uploaded into a build. It assumes that all artifacts are “guilty” until […]
Styra Unfurls Cloud Service for Implementing Compliance-as-Code
Styra, Inc. today launched an authorization service based on the Open Policy Agent (OPA) software that can be invoked via an application programming interface (API). Torin Sandall, vice president of open source for Styra, said the Styra Run cloud service will make it much simpler to embed enterprise-grade authorization capabilities within applications. Today, developers spend […]
Rezilion Launches Vulnerability Prioritization Platform
Rezilion today announced general availability of a platform that enables DevOps teams to better prioritize remediation efforts by identifying which vulnerabilities both run in memory and actually impact a class or function that can be executed. Liran Tancman, Rezilion CEO, said the biggest DevSecOps challenge organizations face today is that the bulk of vulnerabilities that […]
GitGuardian Tightens Integration With GitHub to Secure Secrets
GitGuardian has expanded its ability to secure code repositories by providing deeper integration with GitHub. Ziad Ghalleb, product marketing manager for GitGuardian, said the results of security scans are now provided in the context of pull requests alongside suggestions for remediating issues. The company also expanded developer onboarding options by adding an application programming interface […]
This DevSecOps Thing Is Real After All
Whether you made it to San Francisco, California last month for RSA Conference or not, you don’t want to miss Tuesday’s DevOps Connect: DevSecOps Virtual Summit. On Tuesday, July 12, 2022, we are presenting a virtual broadcast of the sessions from our recent DevOps Connect: DevSecOps event at RSA Conference in June 2022. All of […]
Turning Off DevSecOps Noise for Functional Fidelity
Analyzing the DevOps and DevSecOps software marketplace demonstrates the high demand for tools and platforms that reduce false positives. As businesses and organizations adopt a rigorous, disciplined software development life cycle and ascribe to strict compliance frameworks, they quickly realize that automated tools can generate a substantial amount of noise, in the form of false […]
More Than Half of DevOps Pros Have Backdoor Access to IT Infrastructure
A survey of 600 DevOps professionals conducted by strongDM, a platform for managing access to IT infrastructure, found nearly two-thirds (64%) had productivity impacted on a daily or weekly basis because of access issues. It’s not surprising that, as a result, DevOps teams created a number of workarounds to gain access, even though those methods […]
TechStrong Con: Open Source Software Community Needs Security Help
The only way to make significant improvements in the state of open source security is if more organizations that benefit from open source projects commit to making more resources available to achieve that goal. At the virtual TechStong Con event, executives on an Open Source and DevOps panel called for more contributions from enterprise IT […]
- « Previous Page
- 1
- …
- 12
- 13
- 14
- 15
- 16
- …
- 25
- Next Page »