CMD Solutions built tools for continuous controls assurance by using open-source Steampipe to define information security performance metrics as SQL statements.
Cloud security and IT security in general often overlook complexity. It’s not taught in security courses, and most experts don’t consider it in risk analytics.
Automation is one of the greatest gifts to cloud architecture, operations, security, and finops. Yet, many architects still are reluctant to use it. What's so scary?
Agentless security management system aims to simplify vulnerability management for security teams and developers in cloud and hybrid cloud environments.
The cloud boom and its resulting issues are boosting the pay and prestige of certain roles. Here's what it takes to be an architect, operations engineer, or security engineer.
Did our focus on IaaS security come at the expense of SaaS security? Know what to guard against, especially excessive user permissions and misconfigured UIs, APIs, and integrations.
JFrog’s new Xray Secrets Detection uncovered active access tokens in popular open-source software registries including Docker, npm, and PyPI. Here are our findings and takeaways.
Attempted breaches are on the rise and cloud security professionals are forced to play 'Whac-A-Mole' with attacks. Are you ready to rethink your cloud security strategy yet?
Developer-first security is the future in the cloud. Because the responsibility for cloud security rests with developers and devops teams, not IT security.
Designing and deploying a single cloud architecture may not prepare you to take on a multicloud, especially where security and cost optimization are concerned.