Cloud Security, DevOps, AppSec – The Week’s Best News – 2018.09.12
A Review of the Best News of the Week on Cloud Security, DevOps, AppSec British Airways breach was effected by Magecart attackers (Help Net Security, Sep 11 2018) The group has been compromising online shops left and right for years and its most recent known target before British Airways was Ticketmaster. They use the stolen […]
Cloud Security, DevOps, AppSec – The Week’s Best News – 2018.09.05
A Review of the Best News of the Week on Cloud Security, DevOps, AppSec How Google Chrome Spent a Decade Making the Web More Secure (Wired, Sep 04 2018) Crucially, Chrome managed tabs in a new way; its “sandbox” made each one run with its own permissions and protected memory. That way if one tab […]
Cloud Security, DevOps, AppSec – The Week’s Best News – 2018.08.29
A Review of the Best News of the Week on Cloud Security, DevOps, AppSec New research: what sets top-performing DevOps teams apart (Google Cloud Blog, Aug 29 2018) Key takeaway #4: Don’t be too cautious. Failure in software development is a given, and that can lead DevOps teams to deploy new code less frequently while […]
Cloud Security, DevOps, AppSec – The Week’s Best News – 2018.08.22
A Review of the Best News of the Week on Cloud Security, DevOps, AppSec A Microsoft DevSecOps SAST Exercise (Microsoft DevOps Blog, Aug 17 2018) Static Application Security Testing (SAST) is a critical DevSecOps practice. As engineering organizations accelerate continuous delivery to impressive levels, it’s important to ensure that continuous security validation keeps up. To […]
Cloud Security, DevOps, AppSec – The Week’s Best News – 2018.08.15
A Review of the Best News of the Week on Cloud Security, DevOps, AppSec Is it Time to Replace Pen Testing with Crowdsourced security? (Infosecurity Magazine, Aug 14 2018) As crowdsourced security emerges, are we ready to throw away pen testing as a methodology? Comcast Xfinity web flaws exposed customer data (Naked Security – Sophos, […]
Cloud Security, DevOps, AppSec – The Week’s Best News – 2018.08.08
A Review of the Best News of the Week on Cloud Security, DevOps, AppSec Facebook Open Sources TLS 1.3 Library (SecurityWeek, Aug 07 2018) Already deployed globally on Facebook’s mobile apps, load balancers, and internal services, the library handles millions of TLS 1.3 handshakes every second across the social media giant’s infrastructure. At the moment, […]
Cloud Security, DevOps, AppSec – The Week’s Best News – 2018.08.01
A Review of the Best News of the Week on Cloud Security, DevOps, AppSec Pentagon Reveals “Do Not Buy” Software List (Infosecurity Magazine, Jul 31 2018) Russian and Chinese firms targeted in attempt to improve cybersecurity Google Cloud introduces shielded virtual machines for additional security (TechCrunch, Jul 25 2018) These specialized VMs run on GCP […]
Cloud Security, DevOps, AppSec – The Week’s Best News – 2018.07.25
A Review of the Best News of the Week on Cloud Security, DevOps, AppSec Chrome starts marking all HTTP sites as “Not secure” (Help Net Security, Jul 24 2018) If you’re using Google Chrome and you suddenly start seeing sites you usually visit labeled as “Not secure”, it’s because Google wants to push site owners […]
Cloud Security, DevOps, AppSec – The Week’s Best News – 2018.07.18
A Review of the Best News of the Week on Cloud Security, DevOps, AppSec Voting Machines with Remote-Access software on States’ Systems (Motherboard, Jul 18 2018) Remote-access software and modems on election equipment ‘is the worst decision for security short of leaving ballot boxes on a Moscow street corner.’ How Google’s Safe Browsing Helped Build […]
Cloud Security, DevOps, AppSec – The Week’s Best News – 2018.07.11
A Review of the Best News of the Week on Cloud Security, DevOps, AppSec The aftermath of the Gentoo GitHub hack (Network World Security, Jul 10 2018) A password guess and five days offline have left not only Gentoo’s GitHub admins, but all of us, with some things to think about. Another Linux distro poisoned […]