Cloud Security, DevOps, AppSec – The Week’s Best News – 2020.08.12
A Review of the Best News of the Week on Cloud Security, DevOps, AppSec Facebook open-sources a static analyzer for Python code (Help Net Security, Aug 10 2020) Need a tool to check your Python-based applications for security issues? Facebook has open-sourced Pysa (Python Static Analyzer), a tool that looks at how data flows through […]
Cloud Security, DevOps, AppSec – The Week’s Best News – 2020.08.05
A Review of the Best News of the Week on Cloud Security, DevOps, AppSec Microsoft Paid Out ~$14M via Bug Bounty Programs in Past Year (SecurityWeek, Aug 04 2020) Microsoft reported on Tuesday that it paid out roughly $13.7 million through its bug bounty programs between July 1, 2019, and June 30, 2020. Google Adds […]
Cloud Security, DevOps, AppSec – The Week’s Best News – 2020.07.29
A Review of the Best News of the Week on Cloud Security, DevOps, AppSec Organizations Continue to Struggle With App Vulns (Dark Reading, Jul 24 2020) A high percentage of discovered bugs remain unremediated for a long time, a new study shows. Attackers exploit Twilio’s misconfigured cloud storage, inject malicious code into SDK (Help Net […]
Cloud Security, DevOps, AppSec – The Week’s Best News – 2020.07.22
A Review of the Best News of the Week on Cloud Security, DevOps, AppSec How Hackers Changed Strategy with Cloud (Cloud Security Alliance, Jul 21 2020) Within minutes of adding a new endpoint to the internet, a potential attacker has scanned it. A single cloud misconfiguration can put a target on your organization’s back and […]
Cloud Security, DevOps, AppSec – The Week’s Best News – 2020.07.15
A Review of the Best News of the Week on Cloud Security, DevOps, AppSec Google Moves to Secure the Cloud From Itself (Wired, Jul 14 2020) Confidential Virtual Machines allows Google Cloud Services Customers to keep data secret—even when it’s being actively processed. 70% of organizations experienced a public cloud security incident in the last […]
Cloud Security, DevOps, AppSec – The Week’s Best News – 2020.07.08
A Review of the Best News of the Week on Cloud Security, DevOps, AppSec How Cloud DLP can help with compliance, security, and privacy (Google Cloud, Jul 05 2020) A look back at the history of DLP before discussing how DLP is useful in today’s environment, including compliance, security, and privacy use cases. FTC Guidance […]
Cloud Security, DevOps, AppSec – The Week’s Best News – 2020.07.01
A Review of the Best News of the Week on Cloud Security, DevOps, AppSec HackerOne Reveals Top 10 Bug-Bounty Programs (Dark Reading, Jun 29 2020) Rankings based on total bounties paid, top single bounty paid, time to respond, and more. Chinese bank requires foreign firm to install app with covert backdoor (Ars Technica, Jun 26 […]
Cloud Security, DevOps, AppSec – The Week’s Best News – 2020.06.24
A Review of the Best News of the Week on Cloud Security, DevOps, AppSec Inside the Mind of the Hacker 2019 (Bugcrowd, Jun 23 2020) A comprehensive overview of Bugcrowd’s security researcher community, the motivations for bug hunting and the economics of whitehat hacking. Web skimming with Google Analytics (Securelist, Jun 22 2020) Web skimming […]
Cloud Security, DevOps, AppSec – The Week’s Best News – 2020.06.17
A Review of the Best News of the Week on Cloud Security, DevOps, AppSec Data Security in the SaaS Age: Focus on What You Control (Securosis Blog, Jun 15 2020) “Returning to the Data Breach Triangle, you can stop a breach by either ‘eliminating’ the data to steal, stopping the exploit, or preventing egress/exfiltration. In […]
Cloud Security, DevOps, AppSec – The Week’s Best News – 2020.06.10
A Review of the Best News of the Week on Cloud Security, DevOps, AppSec Open Source Vulnerabilities Increased By 130% in 2019 (Infosecurity Magazine, Jun 08 2020) Open source software vulnerabilities are at historically high levels Will Vote-by-App Ever Be Safe? (Dark Reading, Jun 09 2020) Even with strong security measures, Internet voting is still […]