%term

WebStorm Integration

Oct 28, 2022 By Mend In Mend

Are you using JetBrains WebStorm? Mend can integrate with your IDE and quickly detect open source artifacts and their known vulnerabilities. Mend also provides all the information you need to fix these artifacts automatically.

View Video

Mend

Read more about WebStorm Integration

It's Cybersecurity Awareness Month-So Let's Talk Automation and Home Security

Oct 28, 2022 By Chris Lindsey In Mend

At this point, anybody in the IT world would have to be living in a cave in the wilderness to not know that October is Cybersecurity Awareness Month. (And since there’s no Wi-Fi in wilderness caves, that scenario is admittedly unlikely.) This week, I wanted to take a closer look at a couple topics, one for work and one at home.

Read Post

Mend

Read more about It's Cybersecurity Awareness Month-So Let's Talk Automation and Home Security

Upcoming Critical OpenSSL Vulnerability

Oct 28, 2022 By Ben Hirschberg In ARMO

OpenSSL is the most popular implementation of the TLS protocol (Transport Layer Security) which is essentially the de-facto security protocol of the internet today. The OpenSSL team announced critical security updates of versions above version 3.0 (OpenSSL 3.0 was released on September 7, 2021). The myriad of projects and software depending on OpenSSL must update and release a new version to enable end users to start patching their systems.

Read Post

ARMO

Read more about Upcoming Critical OpenSSL Vulnerability

Modern AppSec Moves Beyond Shift Left to Shift Smart

Oct 27, 2022 By Carol Hildebrand In Mend

This is the third of a six-part blog series that highlights findings from a new Mend white paper, Five Principles of Modern Application Security Programs. Be sure to look out for our upcoming blogs on each of the five principles.

Read Post

Mend

Read more about Modern AppSec Moves Beyond Shift Left to Shift Smart

A Rash of Recent CVEs in Go

Oct 27, 2022 By Daniel Elkabes In Mend

At 12 years old, Go is a relatively new programming language–but it’s a popular one when it comes to cloud-native computing. CockroachDB, Docker, Kubernetes, and AdGuardHome (byAdGuard) are all built on Go, and the Go GitHub repository has over 105,000 stars, putting it in third place as a GitHub star leader.

Read Post

Mend

Read more about A Rash of Recent CVEs in Go

Kubescape adds CIS benchmark, boosting security and compliance scanning

Oct 26, 2022 By Jonathan Kaftzan In ARMO

Kubescape can now automatically scan Kubernetes clusters against the Center for Internet Security (CIS) benchmark, identify compliance gaps, suggest remediations, and monitor for drifts. This feature was born as a direct response to requests we received from Kubescape’s community and we’re excited to launch it. In this version, Kubescape supports CIS Kubernetes V1.23. In the next releases CIS GKE, AKS, and EKS frameworks will be supported as well.

Read Post

ARMO

Read more about Kubescape adds CIS benchmark, boosting security and compliance scanning

Snyk's new native integration with Bitbucket Cloud emphasizes dev-first security

Oct 25, 2022 By Sarah Conway In Snyk

Snyk is excited to announce a new, native integration with Atlassian Bitbucket Cloud. This new release improves Snyk’s functionality within Bitbucket Cloud, making installation faster, and easier to implement. Our Bitbucket integration is the first out-of-the-box embedded security experience within the Atlassian UI, enabling users to access high vulnerability counts and rich contextual information right from their native Bitbucket workflow.

Read Post

Snyk

Read more about Snyk's new native integration with Bitbucket Cloud emphasizes dev-first security

[Webinar] GitGuardian and TechStrong Present Tackling Secrets at the Enterprise Level

Oct 24, 2022 By GitGuardian In GitGuardian

As DevOps turns to multi-cloud, workload containerization, and infrastructure-as-code, securing and distributing secrets across teams and environments has become a complex undertaking. Left unmanaged, this leads to secrets sprawl; in other words, the exposure of credentials in source control servers, DevOps tools, and every component that makes up the software development life cycle (SDLC). With exposed secrets, attackers can easily access an organization’s critical resources. They can breach the perimeter to carry out attacks, hijack computing power, exfiltrate customer data and compromise the integrity of the software supply chain.

View Video

GitGuardian

Read more about [Webinar] GitGuardian and TechStrong Present Tackling Secrets at the Enterprise Level

Introducing JFrog Advanced Security

Oct 21, 2022 By JFrog In JFrog

With JFrog Advanced Security, you can now intelligently deliver secure software at speed and scale with the industry’s only DevOps-centric security solution. The new advanced security solution unifies developers, operations, and security teams to safeguard the software supply chain in a holistic, hybrid, multi-cloud platform.

View Video

JFrog

Read more about Introducing JFrog Advanced Security

Snyk Customer Story: GoodLeap

Oct 20, 2022 By Snyk In Snyk

David Barker, Head of Application Security at GoodLeap explains how how fast and easy it was for his team to roll out Snyk and why the ideal relationship between security and engineering teams is collaborative.

View Video

Snyk

Read more about Snyk Customer Story: GoodLeap

Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

WebStorm Integration

It's Cybersecurity Awareness Month-So Let's Talk Automation and Home Security

Upcoming Critical OpenSSL Vulnerability

Modern AppSec Moves Beyond Shift Left to Shift Smart

A Rash of Recent CVEs in Go

Kubescape adds CIS benchmark, boosting security and compliance scanning

Snyk's new native integration with Bitbucket Cloud emphasizes dev-first security

[Webinar] GitGuardian and TechStrong Present Tackling Secrets at the Enterprise Level

Introducing JFrog Advanced Security

Snyk Customer Story: GoodLeap

Monthly Archive

Follow Us