DevOps-driven adoption of new
technologies and processes
may mean security is an afterthought
and can expose new
gaps in security coverage and
Download this whitepaper which provides an overview of what DevSecOps is and how organizations can adopt its
practices in conjunction with technologies...
Kubernetes-native security is based on a single principle: security is implemented most effectively
when it is aligned with the system that is responsible for managing all of an organization’s containerized
Download this whitepaper which explores the six characteristics a security platform must...
The rapid adoption of open source projects can introduce vulnerabilities in standard
Kubernetes environments. OpenShift Container Platform supports these projects, allowing users to
gain open source advantages with a managed product’s stability and security. Red Hat OpenShift
offerings include five managed and...
The latest edition of the ISMG Security Report features an analysis of ransomware gang REvil’s threat to release stolen Apple device blueprints unless it receives a massive payoff. Also featured: discussions of the importance of a “shift left” strategy and efforts to secure cryptocurrencies.
An attacker added a backdoor to the source code for PHP, an open-source, server-side scripting language used by more than 75% of the world's websites. Core PHP project members say the backdoor was quickly removed.
He started his cybersecurity career as a pen tester. As a result, Gong CISO Jack Leidecker retains an affinity for the tech community and emerging tools. He shares insight on this passion and his drive to ensure security’s role in business enablement.
Investigators probing the supply chain attack that hit SolarWinds say attackers successfully hacked the company's Microsoft Visual Studio development tools to add a backdoor into Orion network monitoring security software builds. They warn that other vendors may have been similarly subverted.
In the wake of the SolarWinds breach, NIST's Ron Ross has turned his attention to systems security engineering - and the reality that the adversaries are exploiting it to their advantage better than the defenders are. This disparity, Ross says, has to change.
In this eBook learn how organizations can achieve cyber resilience in an increasingly digitized world. Gain quick tips on how to get the board’s attention and approval on CyberSecurity investments. And finally, deep dive into how to combat cyberattacks effectively with a CyberSecurity Incident Response Program.
Never store hardcoded credentials in code uploaded to public-facing GitHub repositories, and make sure none of your business associates are doing that. Those are just two takeaways from a new report that describes how nine organizations were inadvertently exposing health records for at least 150,000 patients.