DevSecOps

Related Videos

DevSecOps: A process of methods and mentality
Stephen Weigand
September 27, 2021
Target’s Jodie Kautt on the benefit of innovation beyond the enterprise
SC Staff
September 20, 2021
The hard lessons of DevOps and security
Stephen Weigand
September 14, 2021

Network Security

Lazarus Group tricks developers to load malware via fake recruiting tests

Steve ZurierSeptember 11, 2024

Latest iteration from North Korean APT to lure job seekers to download malware.

AI/ML

Copilot Autofix by GitHub launches

SC StaffAugust 27, 2024

Copilot Autofix, which is integrated into the GitHub Advanced Security, uses GitHub’s CodeQL scanning engine and GPT-4o to detect and fix vulnerabilities in real-time.

Cloud Security

TLS bootstrap attack gains access to Azure Kubernetes Services cluster

Steve ZurierAugust 20, 2024

While Microsoft has patched the issue, security pros warn that teams need to audit their AKS clusters.

DevOps

Securing the developer pipeline: The evolving role of the CISO in today’s threat landscape

Bill BrennerAugust 16, 2024

Paul Davis, Field CISO at Jfrog, delves into the critical challenges facing today’s information security leaders, particularly in securing development workflows.

Supply chain

Open-source software analysis tools added by Endor Labs

SC StaffAugust 13, 2024

The additional functions include analytics that assess the difficulty of upgrading an open-source software package and the potential risk of application disruption.

Close-up of a technomancer's hands, casting spells with futuristic gadgets

DevSecOps

Black Hat: Moxie Marlinspike wants to bring ‘magic’ back to software

Shaun NicholsAugust 8, 2024

Signal creator Moxie Marlinspike says that the security community should look to restore the sense of “magic” in product development.

Application security

Attackers exploit StackExchange to load malicious packages to PyPI

Steve ZurierAugust 2, 2024

Checkmarx researchers say the infostealer malware exfiltrated sensitive data and drained the crypto wallets of developers.

DevSecOps

Related Videos

DevSecOps: A process of methods and mentality

Target’s Jodie Kautt on the benefit of innovation beyond the enterprise

The hard lessons of DevOps and security

Lazarus Group tricks developers to load malware via fake recruiting tests

Copilot Autofix by GitHub launches

TLS bootstrap attack gains access to Azure Kubernetes Services cluster

Securing the developer pipeline: The evolving role of the CISO in today’s threat landscape

Open-source software analysis tools added by Endor Labs

Black Hat: Moxie Marlinspike wants to bring ‘magic’ back to software

Attackers exploit StackExchange to load malicious packages to PyPI