DevSecOps

October 04, 2024

In Episode 80 of the Cybersecurity Awesomeness Podcast, Chris Steffen and Ken Buckler from EMA compile a list of points that people should be thinking about during Cybersecurity Awareness Month ...

October 02, 2024

Open-source software has injected fun and excitement into the lives of IT professionals and technology hobbyists alike ... Unsurprisingly, open-source software's lineage is complex ... A single open-source project may have thousands of lines of code from hundreds of authors which can make line-by-line code analysis impractical and may result in vulnerabilities slipping through the cracks ...

September 27, 2024

In Episode 79 of the Cybersecurity Awesomeness Podcast, Chris Steffen and Ken Buckler from EMA present Cybersecurity 101: physical access control and biometrics ...

September 23, 2024

It's likely you've heard of the Rat Pack. Decades later, along came the Brat Pack. And today, there's the Threat Pack. While they might not be making headlines on stage or on screen, this dubious group of leaders is making headlines in other ways, most recently as part of the Cloud Security Alliance's Top Threats to Cloud Computing 2024 ...

September 20, 2024

In Episode 78 of the Cybersecurity Awesomeness Podcast, Chris Steffen and Ken Buckler from EMA discuss the exploding pager attacks in the Middle East, and why they are cybersecurity attacks ...

September 19, 2024

APIs are vital to the financial sector, enabling seamless interactions and efficient operations. However, recent high-profile breaches highlight the urgent need for stronger API security. Financial institutions, in particular, are prime targets for cybercriminals, due to the sensitive nature of the data they handle. The exposure of such sensitive data through APIs can have severe consequences ...

September 13, 2024

In Episode 77 of the Cybersecurity Awesomeness Podcast, Chris Steffen and Ken Buckler from EMA discuss election security ...

September 09, 2024

TechTarget's Enterprise Strategy Group (ESG) recently surveyed 350 IT and cybersecurity professionals and application developers to create a report called Modernizing Application Security to Scale for Cloud-Native Development ... When asked to identify their top challenges for AppSec teams supporting cloud-native dev processes, "understanding developer environments and assets to effectively manage security" was one of the top three responses provided ...

September 06, 2024

In Episode 76 of the Cybersecurity Awesomeness Podcast, Chris Steffen and Ken Buckler from EMA discuss the VERY minor vulnerability found in Yubico YubiKeys, and why it is important to properly evaluate the impacts of these types of vulnerabilities ...

September 05, 2024

Another RSA Conference has come and gone, but not without imparting the wisdom of its attendees who took part in Traceable AI's second annual survey ... The results from this year's survey portrayed a clear message: organizations are struggling to keep up with the continuously evolving challenges of API security ...

August 30, 2024

In Episode 75 of the Cybersecurity Awesomeness Podcast, Chris Steffen and Ken Buckler from EMA discuss the importance of identity solutions as part of a cyber security strategy ...

August 29, 2024

You've probably felt the pressure to deploy faster, scale quicker, and innovate constantly. It's exhilarating, but it can also be terrifying. What if a misconfiguration exposes your entire infrastructure? What if a secret gets leaked in a log file? Despite concerns, container security can actually reduce your attack surface, not expand it, and help lock down your containerized applications without sacrificing the agility that drew you to containers in the first place ...

August 27, 2024

Cyberattacks are becoming much more sophisticated and frequent, leaving organizations constantly pressured to prioritize security at every stage of software development ... To counter these threats, one solution is for DevSecOps to embrace "shift-left" testing — a practice that involves moving testing earlier in the software development lifecycle ...

August 23, 2024

In Episode 74 of the Cybersecurity Awesomeness Podcast, Chris Steffen and Ken Buckler from EMA compare one-off best-in-class tools vs. all-in-one security solutions ...

August 22, 2024

Development velocity is a standard KPI in software development, while QA velocity is rarely measured. Even with regulatory and compliance demands, DevOps methodologies, and the shifting left of numerous software testing functions, quality assurance topics (like performance, usability, security, and dependability) continue to be an afterthought in 2024 ...

August 21, 2024

CISOs are struggling with the need to empower both development and application security (AppSec) teams with the productivity benefits of AI tools while establishing governance to mitigate emerging risks, according to Seven Steps to Safely Use Generative AI in Application Security, a new report ...

August 16, 2024

In Episode 73 of the Cybersecurity Awesomeness Podcast, Chris Steffen and Ken Buckler from EMA provide a recap of the Black Hat and DEF CON conferences ...

August 09, 2024

In Episode 72 of the Cybersecurity Awesomeness Podcast, Chris Steffen and Ken Buckler from EMA to discuss the Microsoft DDoS attack and the CrowdStrike outage ...

August 07, 2024

Patrick Debois, the godfather of DevOps, once tweeted: "DevOps is about removing the friction between silos. All the rest is engineering." His idea, which grew into DevSecOps, integrates developers, IT operations, quality assurance, and InfoSec teams' security approaches in the software development lifecycle (SDLC), helping to address vulnerabilities proactively rather than discover them later in the game ...

August 02, 2024

In Episode 71 of the Cybersecurity Awesomeness Podcast, Maggie MacAlpine, Director of Cybersecurity Partnerships and Cybersecurity Evangelism at Seceon, joins Chris Steffen and Ken Buckler from EMA to discuss how managed security service providers (MSSPs) can improve their security offerings with the right security solutions ...

July 30, 2024

To better facilitate the secure development of software built and bought by federal agencies, the Cybersecurity and Infrastructure Security Agency (CISA) and Office of Management and Budget (OMB) created the Secure Software Development Attestation form ... While the time to fill out the Secure Software Attestation Form has come and gone for critical software and around the corner for all software, a recent survey from Lineaje, conducted a month before the June deadline, revealed significant gaps in software producers' preparedness and awareness ...

July 29, 2024

Security teams are struggling to keep pace with the risks posed by organizations' dependency on modern applications — the technology that underpins all of today's most used sites, according to Cloudflare's State of Application Security 2024 Report ...

July 26, 2024

In Episode 70 of the Cybersecurity Awesomeness Podcast, Stephan Jou, Sr. Director, Security Analytics at OpenText, joins Chris Steffen and Ken Buckler from EMA to discuss using AI in your XDR solutions ...

July 22, 2024

Considering the growing sophistication and frequency of cyberattacks, enterprises must make security a priority when developing new applications. To protect sensitive data and preserve the integrity of corporate operations, it's essential to follow the best practices. This blog discusses the best practices for secure enterprise application development so that your subsequent application development becomes easy, safe, and time effective ...

July 19, 2024

In Episode 69 of the Cybersecurity Awesomeness Podcast, Chris Steffen from EMA discusses how to best correlate and utilize your vast enterprise data stores using a data fabric with Nicole Bucala, Databee CEO, and Paul Kivikink, Databee SVP of Products and Alliances ...

Pages