Security News

As attack surfaces expand and applications become more complex, regular pen tests become a crucial component of a strong web application security posture. Pen testing is often conducted periodically, which results in a "Security sprint" every time a new test is scheduled.

Microsoft is rolling out its usual host of cloud security features and services at this week's Ignite 2022 conference, with the focus on what's happening in and outside the firewall. Protecting against sensitive information being shared by teams is also a theme, according to the show briefing, although some of the newly-announced security features have been previewed with Redmond Microsoft 365 E5 license users.

GitLab released the results of its annual DevSecOps survey which highlights the continued prioritization of security and compliance, investment in toolchain consolidation, and the ongoing impacts of rapid DevOps adoption. This Help Net Security video reveals how organizations continue to consolidate their DevOps toolchains and processes.

The 2022 survey results highlight security as the highest-priority investment area for organizations, with more than half of security team members stating their organizations have either shifted security left or plan to this year. Security has surpassed even cloud computing as the number one investment area across DevOps teams at global organizations.

In this Help Net Security video, Erik Costlow, Senior Director of Product Management at Azul, talks about Java centric vulnerabilities and the headache they have become for developers everywhere. He touches on the need for putting security back into DevOps and how developers can better navigate vulnerabilities that are taking up all of their efforts and keeping them from being able to focus on the task at hand.

Tech teams worry about protecting intellectual property in addition to managing costs and ensuring reliability when selecting a cloud service provider, according to a new report. It's not an either/or situation with 20% of companies that use a smaller cloud provider also use a hyperscaler.

Puppet revealed the findings of its report which revealed how the post-pandemic environment directly impacted DevOps salaries as organizations invest in competitive compensation and top talent. "The gradual decrease in a wage gap hopefully points to a long-term shift in pay equity. As a DevOps leader, I am inspired by this progression and I look forward to seeing more equality in wages and gender parity across DevOps overall."

The DevOps market is expected to surpass $30 billion by 2028, as reported in a research study by Global Market Insights. The rising demand for rapid software developments across industries is likely to further support the DevOps market growth.

DevOps - an all-encompassing term for automating and managing digital transformation - helps organizations succeed with digital transformation by shifting the cultural mindset of the business, breaking down silos and paving the way for continuous processes. Ensuring your organization's digital transformation and DevOps processes are secure.

Last November, Rajesh Ramamurthy, director of product management for Azure DevOps, announced plans to phase out support for TLS 1.0/1.1 because of the risk of protocol downgrade attacks and other TLS vulnerabilities outside Microsoft's control. TLS downgrade attacks aim to turn strong, more recent versions of TLS into weaker, earlier versions of the protocol to facilitate further exploitation.