Security

Security | News, how-tos, features, reviews, and videos

winners loser tech gear 2016

3 wins and 3 losses for cloud computing

The good, the bad, and the ugly of a decade of cloud computing: Security and agility are definite wins, but cost and complexity are serious drawbacks.

Two developers collaborate on a project as they review code on a display in their workspace.

AutoRabit launches devsecops tool for Salesforce environments

CodeScan Shield comes with a new module, OrgScan, which governs organizational policies by enforcing the security and compliance rules mandated for Salesforce environments.

chain rust link heavy iron metal

Rust programming language gains dedicated security team

Beginning with a security audit and threat modeling exercises, the Rust language security initiative draws on staff and support from the OpenSSF and JFrog.

CSO  >  Searching for vulnerabilities  >  Magnifying lens in a virtual interface idnetifies weakness

Golang adds vulnerability management tooling

Go’s new support for vulnerability management pairs the Go vulnerability database with tooling that analyzes a codebase and surfaces known vulnerabilities.

tall blue buildings skyscrapers enterprise cityscape

3 multicloud lessons for cloud architects

Designing and deploying a single cloud architecture may not prepare you to take on a multicloud, especially where security and cost optimization are concerned.

Binary chain links of data  >  Blockchain / blockchain security / linked elements

Intro to blockchain consensus mechanisms

Blockchains are evolving, and consensus mechanisms are at the heart of it. Here's a quick look at the range of decentralized validation and authentication mechanisms in use today.

interconnecting gears on a keyboard / process / automation / machinery / mechanism / efficiency

Automation is the ultimate cloud security tip

Manual cloud security often leads to a major breach. Helping leadership understand the risks can make the case for funding to do it right.

broken chain metal link breach security

Security is hard and won’t get much easier

Software systems are complex, and development teams have conflicting goals. Oh, and people are imperfect.

bucket with holes breach security vulnerability

Kubescape boosts Kubernetes scanning capabilities

End-to-end open source security platform for Kubernetes has added vulnerability scanning for code repositories and container image registries.

digital identity / authentication

Zero-knowledge proof finds new life in the blockchain

ZKP has decades of history in computer science and cryptography. Now, it's evolving to support decentralized authentication for blockchains and web3.

chess strategy competition

How Cloudflare emerged to take on AWS, Azure, and GCP

The upstart internet security and edge infrastructure company has reinvented itself to challenge the hyperscale cloud providers. Can it succeed?

cloud security data breach crime accessible

It’s past time to figure out cross-cloud security

The people deploying multicloud will tell you that 'security is a nightmare.' Cross-cloud abstraction and automation of security services is the right solution.

analyze / inspect / examine / find / research / magnifying glass

Build SBOMs with Microsoft’s SPDX SBOM generator

Microsoft is making its internal, cross-platform, software bill of materials generation tool public and open source.

22 dg 040 watch out 2022 top global cloud threats

CrowdStrike enhances container visibility and threat hunting capabilities

The cloud-native security provider wants to help customers gain visibility into all of their containers, as well as uncover a growing array of threats across multicloud environments.

An exclamation-mark alert in a field of abstract technology.

7 biggest Kubernetes security mistakes

The most dangerous security holes are often the most basic. Start improving your Kubernetes security posture by fixing these simple mistakes.

Binary chain links of data  >  Blockchain / blockchain security / linked elements

How we’ll solve software supply chain security

Security teams need a standard set of processes for locking down roots of trust for software artifacts, and developers need a clear path to balance open source selection against security policies. Open source has answers.

data security / padlock / binary code / digital display

Securing data at rest and data in motion

The threats to your company’s data are many and varied, and so are the techniques for keeping that data safe and secure.

A broken link in a digital chaing / weakness / vulnerability

Software developers have a supply chain security problem

Every day, software developers implicitly trust software packages, container images, dependency maintainers, repository operators, and build systems that we don’t know anything about. It’s the opposite of Zero Trust.

9 cido Venetian carnival masks

Identity, trust, and their role in modern applications

Identity, trust, and trust sharing are indispensable to our belief in the validity of the services we interact with on the internet.

security monitoring

Sysdig Secure update adds ability to stop container attacks at runtime

Sysdig's Drift Control detects and stops attempts to run packages or binary files that were added or modified at runtime.

Load More