Security News

The DevSecOps approach to cloud native threat detection and response
2023-01-05 04:30

Every SOC on the planet is grappling with the challenges of integrating detection techniques and response processes for public cloud computing. This presentation by Rich Mogull, SVP Cloud Security at FireMon, delves into the details with a framework for modernizing response operations, combined with technical details and examples.

The evolution of DevSecOps
2022-12-05 05:00

Security is the number one driver behind most DevOps and DevSecOps implementations. Only 30% feel confident in the level of collaboration between security and development, 86% experience challenges in their current approaches to security and 51% admit that they don't fully understand how security fits into DevSecOps.

What is challenging successful DevSecOps adoption?
2022-08-17 03:30

According to the study, only 22% of respondent organizations have developed a formal DevSecOps strategy integrating security into software development lifecycle processes, but an overwhelming percentage of those report a positive impact on accelerating incident detection and response efforts. Based on a survey of 200 DevOps and IT/information security professionals, the report shows that more than half of respondent organizations using DevSecOps tools and processes experienced a significant reduction in incidents that occur in production.

DevSecOps adoption is low but packing a punch in user organizations
2022-08-16 13:00

Only 22% of respondent organizations have developed a formal DevSecOps strategy integrating security into software development life cycle processes, a newly released report finds. Although adoption is low for now, the study also confirms potential growth in the industry with 62% of respondents saying their organization is actively evaluating use cases or has plans to implement DevSecOps.

Week in review: Log4Shell exploitation, DevSecOps myths, 56 vulnerabilities impacting OT devices
2022-06-26 08:30

Attackers still exploit Log4Shell on VMware Horizon servers, CISA warnsIf your organization is running VMware Horizon and Unified Access Gateway servers and you haven't implemented the patches or workarounds to fix/mitigate the Log4Shell vulnerability in December 2021, you should threat all those systems as compromised, the Cybersecurity and Infrastructure Security Agency has advised on Thursday. 7 DevSecOps myths and how to overcome themBy including security and compliance processes in end-to-end automation, businesses can secure software throughout the whole software supply chain, significantly improve the developer experience, and accelerate safer delivery.

7 DevSecOps myths and how to overcome them
2022-06-22 04:00

DevOps teams have historically viewed security teams as the "Release prevention department" with overly conservative approaches to risk mitigation. Security teams think accelerated software releases pose too great a risk to governance, security and regulatory controls.

DevSecOps glossary: 24 terms security professionals need to know
2022-05-27 19:21

Today, organizations are drifting away from perimeter-based security and toward access-based security. SIEM is a security management approach that combines the functions of security information management and security event management.

How do DevSecOps professionals feel about security becoming an around the clock job?
2022-05-19 03:00

As breaches continue to rise, cybersecurity and development professionals are feeling the pressure to maintain their organizations' security postures. Invicti Security released a report unveiling how developers and security professionals are overworked and understaffed, yet prideful of their roles within their organizations.

How to make DevSecOps a reality
2022-04-28 05:35

Every AppSec leader recognizes and admits that software development is accelerating, and there's no way their current approach is going to keep up. It is much better to prevent incidents than react to them after they have already happened.

GitLab on how DevSecOps can help developers provide security from end-to-end
2022-02-07 23:03

GitLab on how DevSecOps can help developers provide security from end-to-end. TechRepublic's Karen Roby spoke with Jonathan Hunt, VP of security for GitLab, about the security challenges companies face today and how the concept and practice of DevSecOps can help developers build end-to-end security into their applications.