What Happened As part of a bug bounty, the security researcher Uzsunny found a critical vulnerability on the Shopify platform. The vulnerability allowed the attacker to assign himself as a “collaborator” to any store on Shopify without approval from the store’s manager. Collaborators have full access to perform any action on the store, including reading […]
Best Practices for Cloud Incident Response
Cloud computing is now mainstream, with almost all organizations running at least some resources in the public cloud—whether software-as-a-service (SaaS), platform-as-a-service (PaaS) or infrastructure-as-a-service (IaaS). Security teams have been scrambling to adapt to cloud environments, and with the growing adoption of DevSecOps, they are working together with DevOps teams to secure cloud systems from the […]
What Biden’s Cybersecurity EO Means for DevOps Teams
On May 12, 2021 President Biden issued Executive Order 14028, also known as the Executive Order on Improving the Nation’s Cybersecurity. This EO covers a lot of ground, and like all executive orders, it instructs agencies of the U.S. Federal Government to perform specific actions. What it doesn’t do is appropriate funding or create industry […]
WhiteHat Security Allies With Bit Discovery on Vulnerability Intelligence
WhiteHat Security, a subsidiary of NTT, has announced an integration with Bit Discovery to make it easier for developers and cybersecurity teams to discover the extent to which the attack surface they need to defend might be impacted by a vulnerability. Bit Discovery maintains a database made up of more than 5 billion internet-connected assets […]
Vulcan Cyber Research Reveals Most Enterprise Cybersecurity Teams Lack the Ability to Remediate Risk
Benchmark study finds most cybersecurity organizations lack the tooling and resources to deliver enterprise cyber hygiene TEL AVIV, Israel — May 12, 2021 — Vulcan Cyber®, developers of the industry’s only risk and vulnerability remediation platform, today released the results of its latest vulnerability remediation maturity research project. A survey of more than 100 enterprise security executives across […]
Trend Micro Allies With Snyk to Advance DevSecOps
Trend Micro and Snyk unveiled today a software-as-a-service (SaaS) platform the two companies have jointly developed to identify vulnerabilities in open source code. The Trend Micro Cloud One – Open Source Security by Snyk platform enables DevOps teams to both identify vulnerabilities and licensing issues to better monitor, prioritize and share information about risk and […]
The Basics of DevSecOps Adoption
Embracing DevOps is essential, but keeping the software delivery and deployment pipeline safe has become more critical than ever. While attackers are keen on getting into your Docker containers or Kubernetes clusters, securing your images, pods and clusters can deter attackers. Securing your artifacts, deployment workloads and production environments remains critical today. While we have […]
DevOps Connect at RSAC 2021: Insightful Talks, Live Q&A, Workshops, Pilates and More
We are excited to announce the return of DevOps Connect: DevSecOps Virtual Summit on May 19, as part of the RSA Conference 2021. This year, internationally recognized speakers will take a deep dive into “Securing the Cloud Native World.” DevOps Connect is a full-day event, featuring four different content tracks, with more than 50 speakers, […]
The Time for Collaborative Security Is Now
As Bruce Schneier famously said, “security is a process, not a product.” We commonly see companies pour millions of dollars into cybersecurity products and tools to protect against vulnerabilities and lower risks, and yet, more often than not these ample funds are not enough to defend against attacks. Within the span of two decades, we […]
How to Bring DevOps and Security Teams Closer Together
More often than not, there seems to be friction between DevOps and security teams. Despite having the same end goals of creating the most secure code and preventing any potential security pitfalls, these groups of professionals often lack the unity needed to accomplish these end goals effectively and efficiently. In the interview below, Naomi Buckwalter, […]
- « Previous Page
- 1
- …
- 4
- 5
- 6
- 7
- 8
- …
- 10
- Next Page »