Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

tripwire

Securing Infrastructure as Code: Best Practices for State Management

Aug 20, 2024 By Joseph Chukwube In Tripwire
IT infrastructure management is a complex task. Over the years, various methods have been used to better manage corporate environments. Whether it is network monitoring, asset control, application monitoring, or any of the other infrastructure management obligations, different solutions have been attempted to make the job easier. These undertakings became even more challenging as infrastructure moved from the deceptively tidy on-premises data centers out to the cloud.
Read Post

Maturing your AppSec Program with Toby Jackson - Secrets of AppSec Champions Podcast

Aug 20, 2024 By Mend In Mend
Join host Chris Lindsey as he digs into the world of Application Security with experts from leading enterprises. Each episode is theme based, so it's more conversational and topic based instead of the general interview style. Our focus is growing your knowledge, providing useful tips and advice. With Chris' development background of 35 years, 15+ years of secure coding and 3+ years running an application security program for large enterprise, the conversations will be deep and provide a lot of good takeaway's that you can use almost immediately.
View Video
gitprotect

CISOs At The Forefront Of DevOps Security - Top 10 Data Protection Traps

Aug 19, 2024 By Karolina Dzierżyńska In GitProtect
Shared Responsibility Models, NIS2, DORA, or SOC 2 & ISO audits, accidental deletions, and the evolving threat landscape in SaaS apps confirms that DevOps Security becomes a priority. CISOs and DevOps teams need to meet halfway to secure data processed across GitHub, GitLab, and Atlassian, without compromising agility and efficiency. However, finding this middle ground is not an easy task.
Read Post

CISOs at the forefront of DevOps Security - top 10 data protection traps

Aug 19, 2024 By GitProtect In GitProtect
Shared Responsibility Models, NIS2, DORA, or SOC 2 & ISO audits, accidental deletions, and the evolving threat landscape in SaaS apps confirms that DevOps Security becomes a priority. CISOs and DevOps teams need to meet halfway to secure data processed across GitHub, GitLab, and Atlassian, without compromising agility and efficiency. However, finding this middle ground is not an easy task.
View Video
armo

CVE-2024-7646: Ingress-NGINX Annotation Validation Bypass - A Deep Dive

Aug 18, 2024 By Amit Schendel In ARMO
Attention: a new Kubernetes vulnerability was uncovered by André Storfjord Kristiansen (@dev-bio on GitHub) and it demands immediate attention from security professionals and DevOps teams. CVE-2024-7646, affecting the popular ingress-nginx controller, allows malicious actors to bypass annotation validation and potentially gain unauthorized access to sensitive cluster resources. This vulnerability has been assigned a CVSS v3.1 base score of 8.8 (High).
Read Post
mend

Black Hat 2024: AI, AI, and Everything Else

Aug 16, 2024 By Chris Lindsey In Mend
I’m back from another Black Hat! It was great seeing everyone. I put out a message on LinkedIn for people to come find me and, boy, did they. The hallway conversations were so engaging, I was sometimes late getting to the official talks, but I’m getting ahead of myself. AI was everywhere, as we’d expect, but I also sat down to listen to experts on other topics like critical infrastructure, cyber insurance, and the root causes of cybersecurity failure.
Read Post

Copyright © 2026 OpsMatters™. All rights reserved.