Cloud Security, DevOps, AppSec – The Week’s Best News – 2019.04.10
A Review of the Best News of the Week on Cloud Security, DevOps, AppSec To DevSecOps or not to DevSecOps? (Help Net Security, Apr 03 2019) “Security teams must commit to cultural changes to be successful in a DevSecOps world – they need to gain a better understanding of the business environment impacting their organizations […]
Cloud Security, DevOps, AppSec – The Week’s Best News – 2019.04.03
A Review of the Best News of the Week on Cloud Security, DevOps, AppSec Exploring container security: the shared responsibility model in GKE (Google, Mar 29 2019) This post is part of our blog post series on container security at Google. As newer infrastructure models emerge, though, it’s not always easy to figure out what […]
Cloud Security, DevOps, AppSec – The Week’s Best News – 2019.03.27
A Review of the Best News of the Week on Cloud Security, DevOps, AppSec A cybersecurity strategy to thwart advanced attackers (AWS Security Blog, Mar 21 2019) AWS has released two new whitepapers to help customers plan and implement a strategy that has helped many organizations protect, detect, and respond to modern-day attacks. Casino Screwup […]
Cloud Security, DevOps, AppSec – The Week’s Best News – 2019.03.20
A Review of the Best News of the Week on Cloud Security, DevOps, AppSec Apple, Google, GoDaddy misissued TLS certs with weak serial numbers (ZDNet, Mar 20 2019) Multiple CAs have misissued over 1.2 million TLS certs with weak 63-bit serial numbers, instead of the standard of 64 bits. Cloudflare Launches New HTTPS Interception Detection […]
Cloud Security, DevOps, AppSec – The Week’s Best News – 2019.03.13
A Review of the Best News of the Week on Cloud Security, DevOps, AppSec Companies are leaking sensitive files via Box accounts (ZDNet, Mar 12 2019) Leaks discovered at Apple, the Discovery Channel, Herbalife, Schneider Electric, and even Box itself. Gaming industry still in the scope of attackers in Asia (WeLiveSecurity, Mar 11 2019) Asian […]
Cloud Security, DevOps, AppSec – The Week’s Best News – 2019.03.06
A Review of the Best News of the Week on Cloud Security, DevOps, AppSec The patterns of elite DevSecOps practices (Help Net Security, Mar 05 2019) – DevOps automation – Elite DevSecOps practices are 350% more likely to have fully integrated and automated security practices across the DevOps pipeline. They also have increased feedback loops […]
Cloud Security, DevOps, AppSec – The Week’s Best News – 2019.02.27
A Review of the Best News of the Week on Cloud Security, DevOps, AppSec Hackers Can Slip Invisible Malware into ‘Bare Metal’ Cloud Computers (Wired, Feb 26 2019) Researchers point a tough-to-fix in some cloud computing setups: hackable firmware. Experts Find Serious Problems With Switzerland’s Online Voting System (Motherboard, Feb 22 2019) The public penetration […]
Cloud Security, DevOps, AppSec – The Week’s Best News – 2019.02.20
A Review of the Best News of the Week on Cloud Security, DevOps, AppSec Apple fighting pirate app developers, will insist on 2FA for coders (Sophos, Feb 15 2019) Are you an Apple developer? Care about security? Using 2FA? You will be soon… Switzerland offers cash for finding security holes in its e-voting system (WeLiveSecurity, […]
Cloud Security, DevOps, AppSec – The Week’s Best News – 2019.02.13
A Review of the Best News of the Week on Cloud Security, DevOps, AppSec Linux container bug could eat your server from the inside – patch now! (Sophos, Feb 12 2019) Crooks could take over your network thanks to a critical bug in a popular Linux containerisation toolkit… here’s what you need to know. Google […]
Cloud Security, DevOps, AppSec – The Week’s Best News – 2019.02.06
A Review of the Best News of the Week on Cloud Security, DevOps, AppSec Crooks Continue to Exploit GoDaddy Hole (Krebs on Security, Feb 04 2019) “Spammy Bear targeted dormant but otherwise legitimate domains that had one thing in common: They all at one time used GoDaddy’s hosted Domain Name System (DNS) service. Researcher Ron […]