CISO View Insights from the Global 1000: Five Steps for Integrating Security with DevOps

| | DEVOPS, Reports
The Challenge – Security vs. Velocity While organizations are increasingly adopting DevOps tools and methodologies and seeing tremendous business benefits, it is not always clear that security remains a priority. The truth ...
Shifting to DevSecOps, with Software Security Testing Built In

Shifting to DevSecOps, with Software Security Testing Built In

Many organizations today are in the process of transitioning to a DevOps-centric approach, but don’t want to leave security behind. In order to build security in from the beginning of their software ...

Five Best Practices to Achieving a Secure DevOps Model

The first article in our two-part series introduced the concept of a “whole brain” approach to achieving secure DevOps. This article continues the discussion by taking a closer look at the five ...
State of Web and Mobile DevSecOps

The State of Web and Mobile DevSecOps

As the leaders in coverage of the DevOps world, we are constantly pressed upon to convey the true state of DevSecOps at any given moment in time. We try to dig up ...
Security Boulevard
94% container

60% of Organizations Suffered a Container Security Incident in 2018, Finds Study

| | containers, DEVOPS, security
Many organizations have DevOps on their mind going into 2019. This is a global movement. In fact, Puppet and Splunk received responses for their 2018 State of DevOps Report from organizations on ...
Business Must Change: InfoSec in 2019

Business Must Change: InfoSec in 2019

I don't know about you, but I am happy to see 2018 ended. Personally, it was a very difficult year, capping a very difficult decade. Now, as we embark into 2019, it's ...
Securing Containers: Understanding and Eliminating Vulnerabilities

Securing Containers: Understanding and Mitigating Vulnerabilities

| | DEVOPS
Adoption of containers as a means to package and run applications continues to surge. There are many benefits driving this trend, first and foremost for developers, but also extending across the entire ...
Deconstructing Data Leak incident of Signet Jewelers (parent company of Kay and Jared jewelers)

Deconstructing Data Leak incident of Signet Jewelers (parent company of Kay and Jared jewelers)

Protecting the Crown Jewels: Deconstructing Data Leakage in Exotic Environments (Inspiration from Signet — Kay/Jared Jewelers Breach)Credits : Micheal HillNote : The following series of deconstruction/post-mortem is indicative of the security issues similar to ...

Lessons to Learn from Armored Cars in the Era of Cloud Computing

| | Cloud, cloud computing, DEVOPS
We employ a lot of militaristic terms in the IT security sector, and the language of defense is robust in part because it draws upon a rich history of technical innovations. When ...
AppSec Is Dead, but Software Security Is Alive & Well

AppSec Is Dead, but Software Security Is Alive & Well

Everyone agrees that an enterprise’s application ecosystem must be protected, especially when data breaches are reported with alarming frequency and the average total cost of a breach comes in at $3.62 million ...
Loading...