Security
Security | News, how-tos, features, reviews, and videos
6 security best practices for cloud-native applications
Building secure, resilient, and scalable cloud-native applications requires a new set of best practices that diverge from traditional application development. Start with these six.
Security, privacy, and generative AI
The integration of large language models into many third-party products and applications present many unknown security and privacy risks. Here’s how to address them.
Oracle open-sources Jipher for FIPS-compliant SSL
Oracle also plans to release the Oracle Zero Trust Packet Routing Platform, which is based on an initiative to develop a new open standard for data and network security.
Microsoft .NET 8 enhances ID management
.NET 8 aims to simplify identity management and login for single-page applications and Blazor web apps.
Open source is still the future of enterprise IT
Open source projects continue to point the way for enterprise infrastructure, with eBPF, Cilium, Tetragon, and OpenTelemetry playing major roles.
Is ChatGPT writing your code? Watch out for malware
Hackers have infiltrated a tool your software development teams may be using to write code. Not a comfortable place to be.
The state of API security in 2023
Understanding the landscape of interactions, behaviors, and potential threat vectors is the next frontier of API security. However, four in 10 companies still can’t discover all of the APIs they’re using.
Splunk cuts 7% of workforce ahead of Cisco acquisition
The layoffs are happening in the wake of a market retraction, Splunk CEO Gary Steele said.
3 musts for your 2024 cloud to-do list
It’s time to look at top priorities for cloud deployments. It's a great opportunity to tackle access controls, cost optimization, and complexity.
Biden lays down the law on AI
The White House today issued a long-awaited executive order that hammers out clear rules and oversight measures to ensure artificial intelligence is kept in check, while also providing paths for it to grow.
How to have encryption, computation, and compliance all at once
Baffle Advanced Encryption was designed to overcome the barriers to adopting encryption for analytics. Here’s how it enables compliant, privacy-enhanced computation.
CloudBees readies cloud-native devsecops platform
CloudBees platform built on Tekton boasts feature flagging, value stream management, CI/CD pipeline orchestration, and GitHub Actions-like workflow automation.
Learning from Let’s Encrypt’s 10 years of success
Yes, having the support of a foundation helps, but more important is a solid technological solution to a recognized problem.
Linux distros need to take more responsibility for security
Between the rapid release of open source software, and modern OSes preloaded with packages, enterprises are vulnerable to attacks they aren’t even aware of.
How generative AI changes cybersecurity
The impacts of large language models and AI on cybersecurity range from the good to the bad to the ugly. Here’s what to watch out for, and how to prepare.
What ChatGPT doesn’t say about Kubernetes in production
Generative AI is already proving helpful across many relatively basic use cases, but how does it hold up when tasked with more technical guidance?
JFrog adds ML model management to devsecops platform
JFrog unveiled a number of new platform capabilities including static application security testing and anti-tampering and compliance checks for software releases.
How to get a handle on shadow AI
By allowing the use of AI tools proven to be safe, but requiring them to be used within explicit guidelines, you can alleviate both employee frustration and organizational risk.