Security
Security | News, how-tos, features, reviews, and videos
Using OPA for multicloud policy and process portability
How Open Policy Agent allows developer teams to write and enforce consistent policy and authorization across multicloud and hybrid cloud environments
Anti-adversarial machine learning defenses start to take root
Adversarial attacks are one of the greatest threats to the integrity of the emerging AI-centric economy.
GNAP: OAuth the next generation
The Grant Negotiation and Authorization Protocol would replace the browser-oriented OAuth with a more general authorization framework with more security features
4 steps to DevSecOps in your software supply chain
How to improve dependency management by ‘shifting security left’ and providing developers with a unified CI/CD pipeline
IBM adds code risk analyzer to cloud-based CI/CD
IBM Cloud Continuous Delivery’s Code Risk Analyzer scans Python, Node.js, and Java source code in Git repositories for security and legal risks
Using OPA for cloud-native app authorization
How companies like Netflix, Pinterest, Yelp, Chef, and Atlassian use OPA for ‘who-and what-can-do-what’ application policy
GitHub adds code scanning for security bugs
GitHub users can draw on ready-made and custom queries to discover security vulnerabilities in their codebases.
2 egregious cloud security threats the CSA missed
The latest Cloud Security Alliance report highlights the ‘Egregious 11’ cloud security threats. Here are a couple more to consider
Microsoft open-sources fuzzing test framework
OneFuzz enables continuous developer-driven fuzz testing to identify weaknesses in software prior to release
Using OPA to safeguard Kubernetes
Open Policy Agent addresses Kubernetes authorization challenges with a full toolkit for integrating declarative policies into any number of application and infrastructure components
The five best Kubernetes security practices
Everyone is moving to containers for their programs, and to manage them, almost everyone is using Kubernetes. That leads to one big problem: How do you secure Kubernetes itself?
Cloudops tool integration is more important than the tools themselves
Focus on the features and functions of cloud operations and monitoring tools and you could miss the much larger advantage
OPA: A general-purpose policy engine for cloud-native
Open Policy Agent simplifies authorization policy creation and enforcement for distributed applications, Kubernetes, microservices, and much more
Google Cloud adds security capabilities for sensitive workloads
Confidential VMs, Assured Workloads for Government services are launched
Social engineering hacks weaken cybersecurity during the pandemic
Disinformation, malware, and an array of cyberattacks are rising as fast as case counts
14 IT certifications that will survive and thrive in the pandemic
These tech certifications not only have high value now, but employers will continue to value them as the coronavirus continues.
10 steps to automating security in Kubernetes pipelines
DevOps teams don’t need to sacrifice the speed of containerized development if they know what can be automated, why it’s important, and how to do it
Use of cloud collaboration tools surges and so do attacks
Some industries have seen increases in cloud-related threat events rise as much as 1,350% since the COVID-19 crisis began.
-
White Paper
-
White Paper
-
Video/Webcast
Sponsored -
Video/Webcast
Sponsored -
Analyst Report
Sponsored