Cloud Security, DevOps, AppSec – The Week’s Best News – 2018.11.21
A Review of the Best News of the Week on Cloud Security, DevOps, AppSec New feature to prevent Amazon S3 bucket misconfiguration (Help Net Security, Nov 19 2018) This new feature allows account owners/administrators to centrally block existing public access (whether made possible via an ACL or a policy) and to make sure that newly […]
Cloud Security, DevOps, AppSec – The Week’s Best News – 2018.11.14
A Review of the Best News of the Week on Cloud Security, DevOps, AppSec Three of the Most Crucial Sections of the DevSecOps Roadmap (DisruptOPS, Nov 08 2018) “As Rich Mogull says, Cloud Security starts with architecture and ends with automation. Our DevSecOps roadmap adheres to this guidance. This post will dig into the three […]
Cloud Security, DevOps, AppSec – The Week’s Best News – 2018.11.07
A Review of the Best News of the Week on Cloud Security, DevOps, AppSec Protecting What Matters: Data Guardrails & Behavioral Analytics (Disrupt:Ops, Nov 06 2018) The easiest way to understand the difference between data guardrails and data behavioral analytics is that guardrails rely on pre-built deterministic rules (which can be as simple as “if […]
Cloud Security, DevOps, AppSec – The Week’s Best News – 2018.10.31
A Review of the Best News of the Week on Cloud Security, DevOps, AppSec The hybrid cloud market just got a heck of a lot more compelling (TechCrunch, Oct 30 2018) Let’s start with a basic premise that the vast majority of the world’s workloads remain in private data centers. Cloud infrastructure vendors are working […]
Cloud Security, DevOps, AppSec – The Week’s Best News – 2018.10.24
A Review of the Best News of the Week on Cloud Security, DevOps, AppSec How S3 Buckets Become Public, and the Fastest Way to Find Yours (Disrupt:Ops, Oct 22 2018) Eight (Yes, Eight) Ways Amazon S3 Data Becomes Public…The interplay between these can be a little confusing so we’ll walk through the interactions after we […]
Cloud Security, DevOps, AppSec – The Week’s Best News – 2018.10.17
A Review of the Best News of the Week on Cloud Security, DevOps, AppSec What Security Managers Need to Know About Amazon S3 Exposures (Disrupt:OPS, Oct 11 2018) (1/2) The accidental (or deliberate) exposure of sensitive data on Amazon S3 is one of those deceptively complex issues. On the surface it seems entirely simple to […]
Cloud Security, DevOps, AppSec – The Week’s Best News – 2018.10.10
A Review of the Best News of the Week on Cloud Security, DevOps, AppSec DevOps & digital transformation are creating insecure apps (Help Net Security, Oct 08 2018) Not unlike last year’s findings, the top four most likely DAST vulnerabilities to be discovered remain: Information leakage (45 percent) Content spoofing (40 percent) Cross site scripting […]
Cloud Security, DevOps, AppSec – The Week’s Best News – 2018.10.03
A Review of the Best News of the Week on Cloud Security, DevOps, AppSec Facebook: No Evidence Hackers Accessed Third-Party Apps (Infosecurity Magazine, Oct 03 2018) Social network’s claims seem to limit impact of breach Latest Building Security In Maturity Model reflects software security initiatives of 120 firms (Help Net Security, Oct 03 2018) Synopsys […]
Cloud Security, DevOps, AppSec – The Week’s Best News – 2018.09.26
A Review of the Best News of the Week on Cloud Security, DevOps, AppSec U.S. General Service Administration Launches Bug Bounty Program (SecurityWeek, Sep 24 2018) The United States General Service Administration’s (GSA) Technology Transformation Service (TTS) has launched a bug bounty program on HackerOne, the hacker-powered security platform announced on Friday. In Quiet Change, […]
Cloud Security, DevOps, AppSec – The Week’s Best News – 2018.09.19
A Review of the Best News of the Week on Cloud Security, DevOps, AppSec Facebook Broadens Its Bug Bounty to Include Third-Party Apps (Wired, Sep 17 2018) Starting Monday, Facebook will pay at least $600 to researchers who spot third-party apps behaving badly on its platform. 2018 State of DevOps Report: Practical guidance for your […]