Cloud Security, DevOps, AppSec – The Week’s Best News – 2021.08.04
A Review of the Best News of the Week on Cloud Security, DevOps, AppSec New CISA & NSA Guidance Details Steps to Harden Kubernetes (SecurityWeek, Aug 04 2021) New guidance from the United States Cybersecurity and Infrastructure Security Agency (CISA) and the National Security Agency (NSA) provides information on the steps that administrators can take […]
Cloud Security, DevOps, AppSec – The Week’s Best News – 2021.07.28
A Review of the Best News of the Week on Cloud Security, DevOps, AppSec Google Cloud Unveils New SOC, IDS Solutions (SecurityWeek, Jul 22 2021) Google Cloud this week announced new security offerings for its customers, including Autonomic Security Operations to improve security operations centers (SOCs) and Cloud Intrusion Detection System (IDS) for network-based threat […]
Cloud Security, DevOps, AppSec – The Week’s Best News – 2021.07.21
A Review of the Best News of the Week on Cloud Security, DevOps, AppSec Google to Bring HTTPS-First Mode to Chrome Browser (Dark Reading, Jul 14 2021) Beginning in M94, Chrome will offer HTTPS-First Mode, which will attempt to upgrade all page loads to HTTPS. Application security tools ineffective against new and growing threats (Help […]
Cloud Security, DevOps, AppSec – The Week’s Best News – 2021.07.14
A Review of the Best News of the Week on Cloud Security, DevOps, AppSec Advancing resiliency threat modeling for large distributed systems (Azure Blog, Jul 07 2021) All service engineering teams in Azure are already familiar with postmortems as a tool for better understanding what went wrong, how it went wrong, and the customer impact […]
Cloud Security, DevOps, AppSec – The Week’s Best News – 2021.07.07
A Review of the Best News of the Week on Cloud Security, DevOps, AppSec Pentagon Cancels Disputed JEDI Cloud Contract With Microsoft (SecurityWeek, Jul 06 2021) The Pentagon said Tuesday it is canceling a cloud-computing contract with Microsoft that could eventually have been worth $10 billion and will instead pursue a deal with both Microsoft […]
Cloud Security, DevOps, AppSec – The Week’s Best News – 2021.06.30
A Review of the Best News of the Week on Cloud Security, DevOps, AppSec AWS Acquires Encrypted Communications Service Wickr (SecurityWeek, Jun 25 2021) Amazon’s AWS subsidiary on Friday announced the acquisition of Wickr, a late-stage startup that sells end-to-end encrypted communications tools. Most Developers Never Update Third-Party Libraries in Their Software: Report (SecurityWeek, Jun […]
Cloud Security, DevOps, AppSec – The Week’s Best News – 2021.06.23
A Review of the Best News of the Week on Cloud Security, DevOps, AppSec GitHub Starts Scanning for Exposed Package Registry Credentials (SecurityWeek, Jun 10 2021) GitHub this week announced that it has started scanning code hosted on its platform for package registry credentials, including RubyGems and PyPI secrets. Cloud Security Alliance releases new security […]
Cloud Security, DevOps, AppSec – The Week’s Best News – 2021.06.16
A Review of the Best News of the Week on Cloud Security, DevOps, AppSec GitHub Starts Scanning for Exposed Package Registry Credentials (SecurityWeek, Jun 10 2021) GitHub this week announced that it has started scanning code hosted on its platform for package registry credentials, including RubyGems and PyPI secrets. Cloud Security Alliance releases new security […]
Cloud Security, DevOps, AppSec – The Week’s Best News – 2021.06.09
A Review of the Best News of the Week on Cloud Security, DevOps, AppSec How an Obscure Company Took Down Big Chunks of the Internet (Wired, Jun 08 2021) You may not have heard of Fastly, but you felt its impact when sites didn’t load around the world Tuesday morning. Google Experts Explore Open Source […]
Cloud Security, DevOps, AppSec – The Week’s Best News – 2021.06.02
A Review of the Best News of the Week on Cloud Security, DevOps, AppSec Use the OWASP API Top 10 to Secure Your APIs (DevOps, Jun 02 2021) The tools, languages, platforms, and methods used to build applications have changed drastically over the past decade. Application security practices have to change with them; otherwise, security […]