Securing Infrastructure-as-Code From Tampering and Misconfigurations
Moving applications and development to the cloud has delivered operational benefits at scale. Faster release cycles and microservices architectures drive complexity and a need for speed that can only be solved by ...
CIS Control 12: Network Infrastructure Management
Networks form a critical core for our modern-day society and businesses. These networks are comprised of many types of components that make up the networks’ infrastructure. Network infrastructure devices can be physical ...
With Solvo and KICS (by Checkmarx) you will never have to worry about leaky S3 Buckets
With the rise of cloud-native technologies more responsibility falls in the hands of developers. Beside the application source code developers are now writing containers code, orchestrators code and also defining their infrastructure ...
Palo Alto Networks Extends Cloud Security Portfolio
At its online Ignite ’21 conference, Palo Alto Networks today unfurled the Prisma Cloud 3.0 security platform that adds tools for securing cloud infrastructure along with an agentless option for securing applications ...
Lacework Acquires Soluble to Improve Cloud Security
Lacework this week revealed it has acquired Soluble, a provider of a platform for remediating code that was created to provision infrastructure. At the same time, Lacework has added an inline vulnerability ...
Eureka! How Pulumi Brought Sanity to Our DevOps Team
I started out my professional career as a software developer then became a DevOps engineer. (Get it? It’s a joke.) The irony is that DevOps is not an engineering discipline at all, ...
How Shift-Left Extremism is Harming your API Security Strategy
Shift-left security philosophy promotes the notion that organizations should push more of security processes earlier into the design and development phases of software development lifecycles. This ideal is promoted heavily in DevOps ...