Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Rising CVEs and the need for speed: Enhancing software security with JFrog Xray and PagerDuty

With the proliferation of CVEs (Common Vulnerabilities and Exposures), we have witnessed a remarkable surge in associated risks over the past five years. 2022 was a record-breaking year, with 25,096 new CVEs found, the most ever discovered. Unfortunately, 2023 is on track to beat that record.

Top Open Source Licenses Explained

An open source license is a binding legal contract between author and user that declares the conditions under which a piece of software can be used, which is especially relevant in commercial applications. This license is what turns software components into open source components, allowing developers to use that software so long as they keep to the specific terms and conditions laid out in the license. There are a lot of open source licenses, over 200 in fact.

Cronos Group chooses Aikido Security to strengthen security posture for its companies and customers

An IT match made in… Belgium! Aikido Security, a SaaS startup from Ghent, will provide application security to The Cronos Group, an e-business integrator headquartered in Kontich, with over 5,000 clients across their 570+ companies in the Benelux region. This strategic partnership is set to fortify The Cronos Group’s security posture and Aikido Security’s influence in the cybersecurity industry.

OWASP Clickjacking: The Enhanced Cheat Sheet [XLS DOWNLOAD]

Clickjacking is a widely used cyberattack technique where users are tricked into clicking on something without realizing it’s harmful. Clickjacking attacks can lead to serious problems like data theft and financial fraud, damaging organizations’ reputations. According to the Javelin 2022 Identity Fraud Study, 22% of U.S. adults have been victims of account takeover attacks. But here’s the good part.

Mastering The DevOps Toolchain: 10 Essential to Build a DevOps Assembly Line

DevOps is more than just a buzzword, and the dev behind the magic is more than just a tech wizard who orchestrates software delivery single-handedly. Behind the curtains is an assembly line of toolchains that makes DevOps possible. 44% of DevOps teams use between 2 and 5 tools, with 41% using 6-10 tools. High-performing teams also tend to use more tools, resulting in faster deployment cycles and delivering multiple times a month.

Securing the Weakest Link: A Guide to Third Party Cyber Resilience

We live in a business world where vast amounts of our critical services are delivered to us as a service. The world of on premise solutions has all but disappeared – sure, there are still some systems that operate on premise but these days, more key services are delivered to users and organisations as a service solution. This has increased profitability, allowed small companies to gain access to software and systems that previously were out of reach and has dealt a significant blow to piracy.

Datadog announces commitment to achieving FedRAMP High and Impact Level 5 authorizations

As government agencies accelerate their adoption of cloud technologies—particularly SaaS applications—they need to adhere to strict compliance and security standards. The Federal Risk and Authorization Management Program (FedRAMP) sets these standards for civilian federal agencies, while the Impact Levels laid out by the Defense Information Systems Agency (DISA) in their Cloud Computing Security Requirements Guide set guidelines for Department of Defense (DoD) agencies.

Organize and analyze your Google Cloud security findings with Datadog

As your cloud infrastructure scales to handle the weight of new features and a growing user base, your attack surface increases as well. When combined with the steady rise in security threats—more than 25,000 vulnerabilities were identified in 2022 alone—identifying every risk to your distributed system can be a challenge.