Security News

A security researcher has discovered a severe vulnerability in the popular, open source event-driven platform StackStorm that could allow remote attackers to trick developers into unknowingly...

While most DevOps manuals talk about how and why you should embed security into a company’s DevOps culture, the reality is that most security teams are built in a silo—and breaking free from that...

Tripwire, a leading global provider of security and compliance solutions for enterprises and industrial organizations, announced at RSA Conference expanded coverage and support for DevOps...

Some predictions are more accurate than others. Last year, I was sure that serverless would finally overtake containers—but then 2018 turned out to be the year of Kubernetes. In the San Francisco...

XebiaLabs, since receiving a $100M+ strategic capital investment in early 2018, has added a range of new product enhancements that address enterprise DevOps challenges. These innovations further...

Threat Stack released a new API that will give customers the ability to create, deploy, augment, and tune security rules directly within their existing DevOps and security tools. Threat Stack...

Microsoft has launched yet another bug bounty program and is urging security researchers to look into the security of Azure DevOps, its cloud service for collaborating on code development. About...

Here’s an overview of some of last week’s most interesting news and articles: Compromised ad company serves Magecart skimming code to hundreds of websites The attackers managed to compromise...

The Redmond giant is keenly interested in remote code execution and privilege escalation flaws.

While security strategies should address privileged access and the risk of unsecured secrets and credentials, they should also closely align with DevOps culture and methods to avoid negatively...