Security

Security | News, how-tos, features, reviews, and videos

gears iot
Blue Hexagon network security

cloud security ts

Using OPA for multicloud policy and process portability

How Open Policy Agent allows developer teams to write and enforce consistent policy and authorization across multicloud and hybrid cloud environments

security threat / hacker / attack

Anti-adversarial machine learning defenses start to take root

Adversarial attacks are one of the greatest threats to the integrity of the emerging AI-centric economy.

Admission tickets in an digital network / access / admittance / authorization / authentication

GNAP: OAuth the next generation

The Grant Negotiation and Authorization Protocol would replace the browser-oriented OAuth with a more general authorization framework with more security features

steps stairs upward

4 steps to DevSecOps in your software supply chain

How to improve dependency management by ‘shifting security left’ and providing developers with a unified CI/CD pipeline

Eyeglasses rest on a binary field / code review / threat assessment / check vulnerabilities

IBM adds code risk analyzer to cloud-based CI/CD

IBM Cloud Continuous Delivery’s Code Risk Analyzer scans Python, Node.js, and Java source code in Git repositories for security and legal risks

Blue Hexagon network security

Using OPA for cloud-native app authorization

How companies like Netflix, Pinterest, Yelp, Chef, and Atlassian use OPA for ‘who-and what-can-do-what’ application policy

Digital bugs amid binary code. [security threats / malware / breach / hack / attack]

GitHub adds code scanning for security bugs

GitHub users can draw on ready-made and custom queries to discover security vulnerabilities in their codebases.

cloud security ts

2 egregious cloud security threats the CSA missed

The latest Cloud Security Alliance report highlights the ‘Egregious 11’ cloud security threats. Here are a couple more to consider

CSO  >  An exclamation-mark alert in a field of abstract technology.

Microsoft open-sources fuzzing test framework

OneFuzz enables continuous developer-driven fuzz testing to identify weaknesses in software prior to release

micro segmentation security lock 2400x1600

Using OPA to safeguard Kubernetes

Open Policy Agent addresses Kubernetes authorization challenges with a full toolkit for integrating declarative policies into any number of application and infrastructure components

containers

The five best Kubernetes security practices

Everyone is moving to containers for their programs, and to manage them, almost everyone is using Kubernetes. That leads to one big problem: How do you secure Kubernetes itself?

Out of place, in the middle of nowhere: a jet airplane in a dense forest

Cloudops tool integration is more important than the tools themselves

Focus on the features and functions of cloud operations and monitoring tools and you could miss the much larger advantage

ibm cloud native

OPA: A general-purpose policy engine for cloud-native

Open Policy Agent simplifies authorization policy creation and enforcement for distributed applications, Kubernetes, microservices, and much more

10 cloud security breach virtualization wireless

Google Cloud adds security capabilities for sensitive workloads

Confidential VMs, Assured Workloads for Government services are launched

A laptop user wearing a face mask works in a darkened space.

Social engineering hacks weaken cybersecurity during the pandemic

Disinformation, malware, and an array of cyberattacks are rising as fast as case counts

data science certification man at computer

14 IT certifications that will survive and thrive in the pandemic

These tech certifications not only have high value now, but employers will continue to value them as the coronavirus continues.

Automation  >  An assembly line's robotic arms conveyor belt work with binary code.

10 steps to automating security in Kubernetes pipelines

DevOps teams don’t need to sacrifice the speed of containerized development if they know what can be automated, why it’s important, and how to do it

Cloud security threats  >  Lightning strikes a digital landscape via binary clouds.

Use of cloud collaboration tools surges and so do attacks

Some industries have seen increases in cloud-related threat events rise as much as 1,350% since the COVID-19 crisis began.

Load More