Security

Security | News, how-tos, features, reviews, and videos

Cybersecurity
skull and crossbones pixels hacked

woman peek out from behind a black curtain / look / spy / hide / conceal

Why zero knowledge matters

Zero-knowledge proof is the next big evolution for blockchain and Web3. A recent survey reveals how adopters are using ZKP now and what to expect in the future.

13 small business security

How Steampipe enables KPIs as code

CMD Solutions built tools for continuous controls assurance by using open-source Steampipe to define information security performance metrics as SQL statements.

fighter boxer competition boxing glove best fight  totokita getty

Open source security fought back in 2022

One year after the Log4j disaster, open source community efforts and new developer toolchains are addressing the challenges of software supply chain security.

Cybersecurity  >  A mysterious and intricate padlock with complex circuits

Complexity is the enemy of cloud security

Cloud security and IT security in general often overlook complexity. It’s not taught in security courses, and most experts don’t consider it in risk analytics.

basics / building a foundation / how-to / process / steps / stacking blocks

Cloud computing gets back to basics

Recent trends show a return to cloud fundamentals, such as data, development, deployment, and security, rather than chasing what’s new and cool.

DevOps DevSecOps Security Pipeline

What is DevSecOps? Securing devops pipelines

DevSecOps evolves devops concepts with tools and practices that embed security in every layer of the software development life cycle. Here's why more companies are embracing DevSecOps.

10 cloud security breach virtualization wireless

AWS' Inspector offers vulnerability management for Lambda serverless functions

AWS announces new cybersecurity features in Amazon Inspector and Amazon Macie at AWS Re:Invent 2022 in Las Vegas.

Email encryption  >  An encrypted binary 'at' symbol with a keyhole.

AWS releases Wickr, its encrypted messaging service for enterprises

The release of the enterprise version of the encrypted messaging service, announced at AWS re:Invent, is designed to allow secure collaboration across messaging, voice, video and file sharing.

Security guard conducting surveillance by watching several monitors 178602930

What observability means for cloud operations

When you look at your operations data, do you know what you’re seeing? Observability can help you gain more insights from complex cloud deployments.

worried man with hands on face scared nervous fearful

Cloud architects are afraid of automation

Automation is one of the greatest gifts to cloud architecture, operations, security, and finops. Yet, many architects still are reluctant to use it. What's so scary?

cloud computing / cloud network

Qualys previews TotalCloud FlexScan for multicloud security management

Agentless security management system aims to simplify vulnerability management for security teams and developers in cloud and hybrid cloud environments.

Digital bugs amid binary code. [security threats / malware / breach / hack / attack]

Azul detects Java vulnerabilities in production apps

Azul Vulnerability Detection promises to eliminate false positives without impacting performance, by drawing on monitoring and detection capabilities inside the Azul JVM.

'Job Openings' LED display signage with abstracted circuits. [ hiring / job opportunities ]

3 primo cloud computing jobs in 2023

The cloud boom and its resulting issues are boosting the pay and prestige of certain roles. Here's what it takes to be an architect, operations engineer, or security engineer.

cyber terrorism dynamite on laptop explode blow up binary

Why you’re getting cloud security wrong

New data shows that many enterprises are not approaching cloud security correctly, and it’s going to lead to unpleasant consequences.

A network of connected virtual container blocks.

Most reported CVEs for Docker Hub images are harmless

JFrog used Xray Container Contextual Analysis to scan the 200 most popular community images in Docker Hub, then tallied the results for the 10 most common CVEs. 78% were not exploitable.

One lock in a series is unlocked / weakness / vulnerability

It’s time to prioritize SaaS security

Did our focus on IaaS security come at the expense of SaaS security? Know what to guard against, especially excessive user permissions and misconfigured UIs, APIs, and integrations.

Multiple keys.

Public package repos expose thousands of API security tokens—and they’re active

JFrog’s new Xray Secrets Detection uncovered active access tokens in popular open-source software registries including Docker, npm, and PyPI. Here are our findings and takeaways.

10 cloud security breach virtualization wireless

Cloud security is the new battle zone

Attempted breaches are on the rise and cloud security professionals are forced to play 'Whac-A-Mole' with attacks. Are you ready to rethink your cloud security strategy yet?

Load More