Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Secure your infrastructure from code to cloud

Infrastructure as Code enables you to take ownership of your cloud environments and define what your application needs in a programmatic way. It's appealing because it’s code; you can version it, you can automate testing it using pipelines and you can deploy it frequently on your own. However there is a catch. With this level of autonomy comes increased responsibility and the implicit requirement to have the relevant knowledge needed in order to design and configure secure infrastructure.

Haunted: Chrome's vision for post-Spectre web development

Ahh, the web, an open platform where sites can communicate with each other, embed third-party content to unlock powerful features, make requests to arbitrary endpoints of other web applications... Well. Isolation was never a thing on the web, and this creates a number of security issues⏤but Spectre took this to the next level.

Enterprise Application Risk Profiling

I will discuss digital transformation in the enterprise, how it impacts cloud native applications developed using agile methodologies and as a result, an oscillating application risk rating, which then triggers prioritized security-related activities by application security engineers.. Key topics will include: Creating a baseline application risk profile Dynamic characteristics of application risk factors Significant changes that trigger security reviews