Get Ready for Another Critical Drupal Patch Related to Drupalgeddon2

Developers of the popular Drupal content management system plan to release a critical out-of-band patch April 25 that’s related to the actively exploited Drupalgeddon2 vulnerability fixed late last month. “There will be a security release of Drupal 7.x, 8.4.x, and 8.5.x on April 25th, 2018 between 16:00 – 18:00 UTC,” the Drupal developers said in..
Read more

ShiftLeft Wins 2018 Gartner Cool Vendor for DevOps

Gartner recently recognized ShiftLeft as a 2018 Cool Vendor in DevOps for our continuous application security service. The Cool Vendor designation is awarded to new companies that are “innovative, impactful and intriguing.”We’re hosting a webinar tomorrow to introduce ShiftLeft and explain why we are cool:https://go.shiftleft.io/gartner-cool-vendors-for-devopsWhile DevOps has led to incredible efficiencies in the software development life cycle, it has also introduced new security challenges. At ShiftLeft, we believe that continuous automation is the key to modernizing application security for the DevOps era.ShiftLeft uses semantic graphing, in development, to create custom security profiles for each application (or microservice)...
Read more

Steps to Keep Your Site Clean: Updates

This is the second post of a series about Steps to Keep Your Site Clean. In the first post, we talked about Access Points; here we are going to offer more insight on Updates. Updates Repeatedly we see websites being infected or reinfected when important security updates are not taken seriously. Most software updates are created due to a security breach that has been fixed. Updating to the new version keeps your site safe from vulnerabilities that are very likely to affect your site. Continue reading Steps to Keep...
Read more

Highlights From RSA Conference 2018

Approximately 50,000 attendees descended on San Francisco’s Moscone Center April 16–20 for RSA Conference 2018. With cyberthreats on the upswing, this year’s theme of “Now Matters” was especially apt, and a wide range of keynotes, sessions, and courses covering cybersecurity today didn’t disappoint. In this post, we’ll recap some of the highlights in a day-by-day … Continue reading "Highlights From RSA Conference 2018"
Read more

Overcoming DevOps Implementation Challenges

Most organizations have already adopted or are moving towards adopting a DevOps model into their work culture for improved productivity and workflow. In simple terms, DevOps is an application delivery methodology that encourages collaboration and communication between the developers and operations teams across all phases of the Software Development Life Cycle (SDLC). The collaboration between … Read More The post Overcoming DevOps Implementation Challenges appeared first on The State of Security.
Read more

DevSecOps Survey Reveals Heightened Interest In Automated Security

The 5th annual DevSecOps community survey for 2018 from Sonatype reveals heightened interest in DevSecOps practices after the recent surge of high profile breaches as well as highlights security integration statistics among teams with mature DevSecOps workflows. In this blog post, we’ll discuss some of the important findings from the survey of 2,076 IT professionals … Read More The post DevSecOps Survey Reveals Heightened Interest In Automated Security appeared first on The State of Security.
Read more

Adventures in Data Visualization (Part 2)

Massaging data to make it actionableIn this multi part data visualization design series, we’re exploring the concepts upon which we’ve used to build our user experience at ShiftLeft. In our product, we manage lots of application data, so while the examples below are generic, the concepts of how-to visualize complex datasets, in an actionable manner, without overwhelming the user is core to how we think about UX design.In the first post, we explored the limitations of table views, and an iterative approach to mining and massaging raw multidimensional data (an employee database), for the purpose...
Read more

8 SecOps-Related Sessions You Don’t Want to Miss at RSA Conference 2018

As you likely know, RSA Conference is one of the largest and most comprehensive security events held each year. Choosing which sessions to attend and how to prioritize your time can be a big job. At Threat Stack, we have SecOps on our minds big-time, so in this post we put together a list of … Continue reading "8 SecOps-Related Sessions You Don’t Want to Miss at RSA Conference 2018"
Read more
Page 1 of 2212345...1020...Last »