DevSecOps Archives

Hot Topics

Introducing Goffloader: A Pure Go Implementation of an In-Memory COFFLoader and PE Loader
The Role of Digital Adoption in Email Deliverability & Security
Demystifying SOC 2 Compliance for Startups: A Simple Guide
Happy Canada Labour Day! / Bonne Fête du Travail Canadienne!
Happy United States Labor Day 2024 / Feliz Fin de Semana del Día del Trabajo de Estados Unidos 2024 / Joyeux Fin de Semaine de la Fête du Travail aux États-Unis 2024

Getting Started With SPIFFE For Multi-Cloud Secure Workload Authentication

Guest Expert | August 26, 2024 | DevSecOps, Tutorials

SPIFFE stands for Secure Production Identity Framework for Everyone, and aims to replace single-factor access credentials with a highly scalable identity solution. This blog post provides some practical applications of SPIFFE in ...

GitGuardian Blog - Code Security for the DevOps generation

Five Gartner Reports. Four Categories. What Does OX Security Do Anyway?

Katie Teitler-Santullo | August 14, 2024 | Application Security, DevSecOps, software supply chain security

Analyst firms play an important role in the tech vendor landscape. Their reports help buyers and would-be buyers learn about vendors and their offerings. In cybersecurity, in particular, buyers use analysts’ outputs ...

OX Security

SBOMs Critical to Software Supply Chain Security

Deb Radcliff | August 13, 2024 | Cyber Security, DevSecOps, DevSecOps adoption, SBOM, software supply chain, TalkSecure Blog

By Deb Radcliff, DevSecOps analyst and editor of CodeSecure’s TalkSecure educational content (syndicated at Security Boulevard & YouTube)LAS VEGAS – One day before the Black Hat Briefings started in Vegas last week, a group of experts met at ...

CodeSecure

Empowering the Shift: From Integration to Innovation in Application Security

Boaz Barzel | August 13, 2024 | API security, Application Security, DevSecOps

Last month, we explored how organizations can reclaim control over their Application Security (AppSec). Building on that discussion, we now delve deeper into the transformative steps necessary for security decision-makers to redefine ...

OX Security

The Importance of Domain and DNS Lifecycle Management with Mergers and Acquisitions

Karthik Kannan | August 8, 2024 | DevSecOps, dns, DNS Automation, DNS lifecycle, DNS vulnerabilities, domain, iam, PKI, Self-Service Domain, TLS

As a curious reader of global consulting service reports, one report especially around Global Mergers and Acquisitions (M&A) caught my eye. The world of strategic M&A saw deals totaling about $3.1 trillion ...

Blogs Archive - AppViewX

A Developer’s Tutorial to Using NPM Audit for Dependency Scanning

Eyal Katz | August 8, 2024 | developer-tools, DevSecOps, Open Source Security, security boulevard

Many developers overlook the risks lurking in third-party packages. Every package you add could harbor vulnerabilities, potentially exposing sensitive user data and granting unauthorized access to The post A Developer’s Tutorial to ...

Security boulevard - Spectral

Tenable, application security, vulnerabilities, software, vulnerabilities, issues, servers, vulnerability, Linux, vulnerability management, risk-based, vulnerabilities third-party supply chain Okta endpoint security

Tenable Adds Ability to Prioritize Vulnerabilities by Threat Level

Michael Vizard | August 7, 2024 | AI technologies, applicaton security, Cybersecurity, DevSecOps, Vulnerabilities

Tenable this week at the Black Hat USA 2024 conference added an ability to identify the vulnerabilities in an IT environment that should be remediated first based on the actual threat they ...

Security Boulevard

DevSecOps

Julio Godinez | August 5, 2024 | Anchore, DEVOPS, DevOps/DevSecOps, DevSec, DevSecOps, Harness, Mend, ReversingLabs

As the importance of securing software supply chains continues to grow, DevSecOps practices are being increasingly adopted to meet this demand. The challenge lies in optimizing these processes to ensure developers embrace ...

Toil Not: Automate DevOps Governance

Deb Radcliff | August 2, 2024 | attestation, CrowdStrike, DEVOPS, DevSecOps, governance, safety, SAST, SBOM, security, SolarWinds, TalkSecure Blog

By Deb Radcliff, DevSecOps analyst and editor of CodeSecure’s TalkSecure educational content (syndicated at Security Boulevard & YouTube) In this show, Deb interviews two innovative technologists driving the DevOps Automated Governance movement ...

CodeSecure