Bitwarden launches E2EE Secrets Manager
Bitwarden, a popular open-source password management service, has released Bitwarden Secrets Manager, an open-source, end-to-end encrypted solution that helps development, IT …
Maintaining consistent security in diverse cloud infrastructures
As cloud infrastructures become increasingly API-driven and dynamically spread across expansive attack surfaces, achieving clarity proves difficult. Compounding this challenge …
Understanding the interplay between DevOps productivity and security
Not only are macroeconomic headwinds causing more significant stress for security and DevOps teams, but the increasing number of threats against shrinking teams is causing an …
How to make developers love security
In my last post I discussed how developers can be your security secret weapon… but how to help them love doing security work? That’s a whole other challenge! Stories of the …
Microsoft, GitHub announce application security testing tools for Azure DevOps
GitHub has announced that its application security testing tools are now more widely available for subscribers of Microsoft’s Azure DevOps Services. Enabling GitHub …
Attackers exploit APIs faster than ever before
After combing through 350,000 reports to find 650 API-specific vulnerabilities from 337 different vendors and tracking 115 published exploits impacting these vulnerabilities, …
Patch your Jira Service Management Server and Data Center and check for compromise! (CVE-2023-22501)
Australian software maker Atlassian has released patches for CVE-2023-22501, a critical authentication vulnerability in Jira Service Management Server and Data Center, and is …
CircleCI breach post-mortem: Attackers got in by stealing engineer’s session cookie
The attackers who pulled off the recent breach of continuous integration and continuous delivery (CI/CD) platform maker CircleCI got in by compromising an engineer’s …
Security measures to protect Kubernetes workloads
As companies undergo the shift to Kubernetes, security must be considered throughout the entire data lifecycle for IT teams who are constantly facing potential data breaches, …
The evolution of DevSecOps
73% of IT decision-makers admit more could be done to improve their DevSecOps practices, with many organizations behind in their goals, according to a survey conducted by …
How CISOs can safeguard security in CI/CD environments
DevOps is a staple at every forward-thinking organization these days. The agile development and release formula helps companies address customer issues and marketplace …
Critical RCE bug in GitLab patched, update ASAP! (CVE-2022-2884)
GitLab has fixed a remote code execution vulnerability (CVE-2022-2884) affecting the Community and the Enterprise Edition of its DevOps platform, and has urged admins to …
Featured news
Sponsored
Don't miss
- How to make Infrastructure as Code secure by default
- Suspect arrested over the Transport for London cyberattack
- Adobe completes fix for Reader bug with known PoC exploit (CVE-2024-41869)
- Losses due to cryptocurrency and BEC scams are soaring
- Top priorities for federal cybersecurity: Infrastructure, zero trust, and AI-driven defense