Category List

IAM Access Analyzer Review

IAM Access Analyzer Review

TL;DR – This is a free tool that helps solve one of the biggest security problems when working in AWS. Turn it on. Turn it on now! Instructions are here. AWS misconfigurations ...

Why You Need a Software Bill of Materials More Than Ever

Imagine that a new vulnerability in lodash was just announced. Applications using the npm package are being exploited through large scale automated DoS attacks. You need to act quickly to understand if ...

PSA: Beware of Exposing Ports in Docker

Docker is an awesome technology, and it’s prevalent in nearly every software developer’s workflow. It is useful for creating identical environments and sharing them between development, testing, production, and others. It’s a ...

Webinar: Burp-less Hacking – Learning Web Application Pentesting on a Budget

Register Now to See a Full WebApp Pentest w/ FOSS! If there is one tool that a professional performing a web application penetration test or bug bounty hunting should buy, it’s Burp ...

Application Layer Protection for Istio Service Mesh

Today, Signal Sciences announced another industry-first: the launch of our next-gen WAF integration with Istio service mesh. As development teams move from monolithic to distributed, microservices-based application architectures, managing the security and ...
Website Security Tips for Black Friday & Cyber Monday

Website Security Tips for Black Friday & Cyber Monday

Sucuri’s focus has always been on educating website owners about the latest threats and vulnerabilities — and much of that depends on our industry-leading research team. As the holiday season approaches, we ...

Securing Ansible Automation Environments with CyberArk

| | DEVOPS
Automation Is Transforming IT Departments Automated processes are transforming IT functions – even IT departments – by replacing manual tasks once handled by IT administrators with self-service tools and automated processes. For ...

7 Big Ideas from Cybersecurity Leaders We’ve Interviewed

This post brings together powerful ideas from the interviews we’ve conducted with cybersecurity leaders for our Q&A series ...

“This is the New Op Model” – Why State Farm Sponsored ADDO, and the Results

Sonatype is among the many supporters of All Day DevOps (ADDO), the world’s largest conference for DevOps practitioners. Close to 40,000 people attended this year’s 24-hour event -- and 10% of them ...
8 Best Practices for Strengthening Security in Cloud-Native Environments

8 Best Practices for Strengthening Security in Cloud-Native Environments

Cloud-native companies and larger companies migrating to cloud environments continue to see the cloud as a way to gain speed, reliability, and other well-known benefits. But there are still plenty of pitfalls ...
Loading...