%term

Access Control Podcast: Episode 9 - SRE-Powered Dev Productivity

Sep 15, 2021 By Teleport In Teleport

In this ninth episode of Access Control, a podcast providing practical security advice for startups, Developer Relations Engineer at Teleport Ben Arent chats with Mario Loria. Mario is a Senior SRE at Carta who has been leading their move to Kubernetes and other cloud native technologies. Carta helps companies and investors manage their cap tables, valuations, investments, and equity plans. As users of Carta, we hope their security is top notch. Today we’ll be chatting about orchestrating Kubernetes, training teams on cloud native, and optimizing for the developer experience!

View Video

Teleport

Read more about Access Control Podcast: Episode 9 - SRE-Powered Dev Productivity

How organizations Handled Incidents Before and After Deploying AIOps - Part 1

Sep 15, 2021 By Gurubaran Baskaran In Fabrix

Organizations are always looking for new ways to innovate and reduce costs and allocate resources more efficiently. In this blog post, we will look at how enterprises handled incidents before and after deploying AIOps.

Read Post

Fabrix

Read more about How organizations Handled Incidents Before and After Deploying AIOps - Part 1

What's New in Software Supply Chain Security

Sep 15, 2021 By JFrog In JFrog

With new software supply chain attacks reaching the spotlight at an accelerating pace, security research uncovering novel attack methods, and new mandates and guidelines starting to come into effect -- it can be hard to stay on top of the latest developments and their implications. Catch this session as we break down the recent news related to software supply chain security and what you can do to meet new requirements and protect your software from such attacks.

View Video

JFrog

Read more about What's New in Software Supply Chain Security

A (soft) introduction to Python dependency management

Sep 14, 2021 By Lucian Irsigler In Snyk

Python has been deemed as a “simple” language — easy to use and easy to develop scripts to do numerous tasks — from web scraping to automation to building large-scale web applications and even performing data science. However, dependencies are managed quite differently in Python than in other languages, and the myriad options of setting up an environment and package managers only add to the confusion.

Read Post

Snyk

Read more about A (soft) introduction to Python dependency management

Securing Access to Fleets of Postgres and MySQL with Open Source Teleport

Sep 14, 2021 By Teleport In Teleport

https://goteleport.com/blog/securing-postgres-postgresql/
https://goteleport.com/docs/database-access/guides/postgres-self-hosted/

View Video

Teleport

Read more about Securing Access to Fleets of Postgres and MySQL with Open Source Teleport

Detect and prevent dependency confusion attacks on npm to maintain supply chain security

Sep 13, 2021 By Liran Tal In Snyk

On February 9, 2021, Alex Birsan disclosed his aptly named security research, dependency confusion. In his disclosure, he describes how a novel supply chain attack that exploits misconfiguration by developers, as well as design flaws of numerous package managers in the open source language-based software ecosystems, allowed him to gain access and exfiltrate data from companies such as Yelp, Tesla, Apple, Microsoft, and others.

Read Post

Snyk

Read more about Detect and prevent dependency confusion attacks on npm to maintain supply chain security

DevSecOps Road Trip UK stop - Andrew Martin & Lili Kastilio

Sep 13, 2021 By Snyk In Snyk

Session 1: Threat Modelling Kubernetes Cloud native container and Kubernetes systems bring new threats and risks to our precious workloads. As cloud technologies undergo rapid innovation and new tools and techniques emerge, security can get left behind. The answer to this conveyor-belt of potential insecurity? Threat modelling!

View Video

Snyk

Read more about DevSecOps Road Trip UK stop - Andrew Martin & Lili Kastilio

Security Incident Containment with Teleport Session and Identity Locking

Sep 10, 2021 By Sakshyam Shah In Teleport

What would you do when a security incident is detected? Shut down the servers? Pull out the power cord from the data center? When an incident is detected, both the incident method and the time required to contain an incident are essential to limit the damage. The slower you are to react, the more damage an incident would incur. And a service downtime to contain an incident can cost businesses even more than a security incident itself.

Read Post

Teleport

Read more about Security Incident Containment with Teleport Session and Identity Locking

Dev-first SAST: Increase your developer productivity while staying secure

Sep 9, 2021 By Liran Tal, Director of Developer Advocacy In Snyk

Static application security testing (or SAST) used to be a term coined by the security team, to help developers test their code early in the software development life cycle (SDLC). Unlike dynamic testing, it does not require a working application, which allows developers to identify security vulnerabilities while they code, so they can spot them as soon as they appear and fix them when it's easiest and fastest to do so. This cuts down their future workload by decreasing the backlog of issues they'll have to address later.

Read Post