Security | News, how-tos, features, reviews, and videos

micro segmentation security lock 2400x1600
A broken link in a digital chaing / weakness / vulnerability

businesswoman daydreaming 86527857

What most cloud-using CIOs want in 2022

A single answer to technical questions, cheaper security, and skills on demand are the biggest items on the 2022 wish lists.

Digital bugs amid binary code. [security threats / malware / breach / hack / attack]

What app developers need to do now to fight Log4j exploits

Why you may already be at risk, how to detect and mitigate the Log4j vulnerabilities now, and how to improve your code security in the future.

A magnifying lens exposes an exploit amid binary code.

Why SBOM management is no longer optional

In the aftermath of Log4Shell, generating software bills of materials and quickly accessing their information will be critical to addressing the new realities of software supply chain vulnerabilities and attacks.

fire flames

How developers scrambled to secure the Log4j vulnerability

A group of developers and maintainers scrambled to secure the Log4j vulnerability over the weekend, but there is still a lot of work to do to clean up the mess.

A secure conceptual chain of hardware circuitry and CPUs / chips within a network of connections.

Securing the Kubernetes software supply chain

Microsoft’s Ratify proposal adds a verification workflow to Kubernetes container deployment.

security bug

How to detect the Log4j vulnerability in your applications

A bug in the ubiquitous Log4j library can allow an attacker to execute arbitrary code on any system that uses Log4j to write logs. Does yours?

abstract arrows direction process magnifying glass search investigate

Integrate security into CI/CD with the Trivy scanner

Open source Trivy plugs into the software build process and scans container images and infrastructure-as-code files for vulnerabilities and misconfigurations.

2 two factor

GitHub will require 2FA for some NPM registry users

Mandate will apply to maintainers and admins of top packages on the JavaScript registry, in response to two recent security incidents.

One lock in a series is unlocked / weakness / vulnerability

Security is the Achilles’ heel of multicloud

With 2022 looking like the year of multicloud, enterprises need a solid plan for multicloud security.

8 encryption

A quick guide to modern cryptography

Understand the crypto concepts behind the modern internet security infrastructure, from digital signatures and transport layer security to blockchains and Bitcoin.

network security digital internet firewall binary code

The race to secure Kubernetes at run time

A new wave of startups is looking to help developers secure their containerized applications after they go into production. Is this the future of application security?

integrated network

3 reasons devops must integrate agile and ITSM tools

Automation and integration are key for companies hoping to modernize dev, ops, and security workflows.

Computerworld - Scary Tech [Slide-06] - Well-known vulnerabilities with no fixes

When containers become a nightmare

Too few people doing container development are paying attention to security issues. Doubling down on scanning at every stage is a simple solution.

checklist hand

3 things to add to your 2022 cloud to-do list

Cloudops, layered security, and a well-trained staff should all be on your radar for next year.

cyber security shield lock protect

How to prevent CSRF attacks in ASP.NET Core

Take advantage of anti-forgery tokens in ASP.NET Core to protect users of your applications against cross site request forgery exploits.

FireMon network security policy management

How to secure cloud infrastructure across the development lifecycle

Empowering cloud teams with automated policy-as-code guardrails helps them move faster and more securely.

cloud security ts

Cyber security in the public cloud

A brief guide to the network, infrastructure, data, and application security capabilities AWS, Microsoft Azure, and Google Cloud provide to prevent cyber attacks and protect your cloud-based resources and workloads.

10 cloud security breach virtualization wireless

Move faster with continuous security scanning in the cloud

Cloud-native application protection platforms are a promising approach to securing cloud-based applications without sacrificing development speed.

Load More