DevSecOps
Cloud Security: Self-Healing Infrastructure With Fugue
Misconfiguration is the No. 1 cause for data breach in the cloud. Fugue helps to eliminate data breaches, as it fixes anything that gets drifted by providing baseline drift detection and automated ...
From DevOps to DevSecOps: Owning Cloud Security
The cloud is a complex environment, with different groups managing different cloud services and environments. The most basic division is between the cloud provider, who provides the core infrastructure, and the customer, ...
VMware Starts to Make DevSecOps Case
VMware, at the VMworld 2019 conference this week, strengthened its case for an application-centric approach to cybersecurity via updates to VMware AppDefense along with acquiring Intrinsic, a provider of a set of ...
Weighing the Cost of Improper DevSecOps
Bill Doerrfeld | | CD, ci, continuous deployment, continuous integration, devsecops, Istio, kubernetesSimply put, data breaches are terrible news for companies. And, the costs associated with such attacks continue to escalate. A recent IBM-sponsored report found an average price of 3.92 million per breach ...
Puppet Aims to Automate Vulnerability Remediation
Puppet today unveiled Puppet Remediate software, which makes it easier to prioritize and remediate software vulnerabilities automatically. Matt Waxman, vice president of products for Puppet, said Puppet Remediate builds on existing automation ...
CircleCI Adds Security Orbs to CI/CD Platform
CircleCI has extended the reach of its automated package manager, known as orbs, to cybersecurity software that can be integrated into a pipeline constructed within the company’s namesake continuous integration/continuous deployment (CI/CD) ...
Why Modernizing Security is Like Visiting a Fast-Food Restaurant
Jonathan DiVincenzo | | container platforms, data breach, devops teams, legacy WAF, open source, security, security solutions, serverless, WAF systemsFast casual restaurants are taking over the food industry. Today’s consumers want quality and speed, and the brick-and-mortar model offering immediate service paired with quality ingredients perfectly fits the bill. It’s the ...
Helping Developers Win in the Shift-Left Revolution
The shift-left revolution is upon us. Just because it’s a cliche, doesn’t mean it’s not true. As software development organizations continue to implement DevOps culture, processes, and tools, developers are adopting the ...
Top 5 AWS Security Mistakes: Leaky S3 Buckets
Mike Rothman | | ACL, AWS, AWS security, CloudFront, CloudFront origin access identity, CORS, Cross origin resource sharing, data security, IAM policies, s3 bucketsAs we get ready to discuss our list of the Top 5 AWS Security Mistakes in the upcoming DevOps.com webinar, we wanted to provide a preview of the type and depth of ...
Software Compliance Teams Can Learn a Lot from DevSecOps
Charlie Klein | | compliance testing, devsecops, integrated development environment, sdlc, software compliance, software development life cycleMany argue that application security should be the responsibility of a security team. However, while security professionals can contribute, developers are usually the only ones with the technical ability to fix software ...
