As you may have heard, a massive breach of Microsoft Exchange servers was revealed in the last several weeks. The attack is not over yet. We can always wait for another attack and blame another vendor, but when it comes to Microsoft, well, who can we rely on after that? SolarWinds, Centreon and now Microsoft Exchange… With almost 80% enterprise market share, the Exchange holds the biggest secrets of our times, and now nobody knows where they went.
We’re pleased to announce our new plugin for JetBrains IDEs, making it easier for developers to find and fix security issues as they code! Snyk’s new free JetBrains IDE plugin enables developers using IntelliJ IDEA and WebStorm to easily find and fix known vulnerabilities in their open source dependencies as well as any security issues and bugs in their own code.
We’re pleased to announce support for viewing all of your Snyk Infrastructure as Code (Snyk IaC) configuration issues in the reporting functionality of the Snyk platform.
Writing secure code in a way that prevents code injection might seem like an ordinary task, but there are many pitfalls along the way. For example, the fact that you (a developer) follow best security practices doesn’t mean that others are doing the same. You’re likely using open source packages in your application. How do you know if those were developed securely? What if insecure code like eval() exists there? Let’s dive into it.
CloudCasa™, a simple, scalable, cloud-native data protection service that supports all leading Kubernetes distributions and managed services, is now generally available through the SUSE Rancher™ Apps & Marketplace. With increasing adoption of cloud database services, CloudCasa adds cloud database support starting with Amazon RDS to its Kubernetes data protection service – addressing both Kubernetes and RDS support in a single data protection service.
https://goteleport.com/docs/enterprise/sso/ssh-gsuite/
0:00 Intro
0:45 Example Teleport with local login
1:12 Configure Google Workspace
3:35 Creating Service Account
5:00 Manage API Scope
6:36 Creating OIDC Connector in Teleport
10:04 tctl create gworkspace.yaml
10:13 Example Login with Google Button
0:00 Introduction
0:25 Okta Setup
0:42 Configuring Okta
3:24 Setting up Okta Groups
6:45 tctl create okta.yaml
7:16 Assigning Groups in Okta
7:41 SSO Debugging
8:50 Conclusion
Kubernetes secrets are the nativere sources for storing and managing sensitive data, like passwords, cloud access keys, or authentication tokens. You need to distribute this information across your Kubernetes clusters and protect it at the same time. When sending your password to each node in your cluster, it’s critical to ensure that only authorized entities—users, services, or workloads—are able to access it.
