DevSecOps

October 16, 2023

Many experts believe the heyday of DevOps is coming to an end ... So, is it time to retire DevOps entirely? Only time will tell. But I staunchly believe it's misguided to count DevOps out just yet. Instead, practitioners should expect DevOps to do what DevOps does best: develop and grow with the market ...

October 13, 2023

In Episode 31 of the Cybersecurity Awesomeness Podcast, Chris Steffen and Ken Buckler from EMA discuss the changing role and importance of the industry analyst ...

October 11, 2023

With the rapid increase in API usage also comes an increase in malicious actors targeting APIs as a gateway to customer and company data. That's why ensuring that your API integrations are safe is no longer simply a technical requirement, it is a responsibility that developers and organizations cannot take lightly. Here are three ways to ensure that your next API integration doesn't leave you, or your users, vulnerable ...

October 05, 2023

In 2023, twice as many software supply chain attacks took place as in 2019-2022 combined, according to the State of the Software Supply Chain Report ...

September 26, 2023

The current world of software relies heavily on recycled code, much of which is lifted from open-source repositories. No matter how tightly you integrate security into your development cycles, if the open-source code you borrowed is vulnerable, so are you. Even if you were to somehow achieve the unrealistic goal of "zero vulnerabilities in production," there's no guarantee that this will actually make your business secure ...

September 21, 2023

In Episode 28 of the Cybersecurity Awesomeness Podcast, Chris Steffen and Ken Buckler from EMA discuss the aging cybersecurity workforce ...

September 20, 2023

One third (34%) of organizations are either already using or implementing artificial intelligence (AI) application security tools to mitigate the accompanying risks of generative AI (GenAI), according to a new survey from Gartner ...

September 14, 2023

API security should be a key part of any organization's security strategy today; however, it's often overlooked. APIs make up 83 percent of all web traffic, and they play a vital role in nearly all modern mobile and web applications, as well as containers and microservices. APIs are designed to be accessed by third parties, which exposes them to a broader spectrum of potential attacks compared to traditional web applications ...

September 12, 2023

In Episode 27 of the Cybersecurity Awesomeness Podcast, Chris Steffen and Ken Buckler from EMA discuss the MGM Resorts cyberattack ...

September 11, 2023

President Biden's Executive Order on Improving the Nation's Cybersecurity has driven wide-scale changes in software development practices in both the UK and US in the two years since it launched, according to new research from Sonatype ...

September 08, 2023

In Episode 26 of the Cybersecurity Awesomeness Podcast, Chris Steffen and Ken Buckler from EMA discuss the ending of support for TLS 1.0 and 1.1 standards ...

September 01, 2023

In Episode 25 of the Cybersecurity Awesomeness Podcast, Chris Steffen and Ken Buckler from EMA discuss the security implications of return to office mandates ...

August 29, 2023

There's tremendous pressure on DevOps teams to deliver business-critical applications and services with speed and agility. As a result, DevOps teams will often take the path of least resistance to meeting deadlines, even if it means taking security shortcuts. One such example is the provisioning and management of digital certificates, which may stray from enterprise-wide PKI policy and can expose security weaknesses and vulnerabilities ...

August 28, 2023

The Cloud Native Application Protection Platform (CNAPP) has emerged as a critical category of security tooling in recent years. According to the CNAPP Survey Report, commissioned by Microsoft, CNAPP's popularity has been driven by the complexity of comprehensively securing multi-cloud environments ...

August 18, 2023

In Episode 23 of the Cybersecurity Awesomeness Podcast, Chris Steffen and Ken Buckler from EMA recap Black Hat 2023 ...

August 16, 2023

Developers are leveraging a variety of tools, platforms, languages, and services to deliver more sophisticated features and functionality. However, every additional component used to build an application increases the size of the attack surface and the risk of an attack. Threat actors have a greater chance of discovering a vulnerability, misconfiguration, or bug that can serve as a toehold into the environment ...

August 15, 2023

For the last decade, the concept of shifting security left has surged exponentially among practitioners, as the results of this approach are astounding. The ability to deliver secure code faster, reduce vulnerabilities in production, and drive efficiencies across application security and development teams are a clear win for any organization, right? ...

August 14, 2023

The prevalence of team silos and point solutions throughout the DevSecOps lifecycle makes it increasingly difficult for development, security, and operational teams to have comprehensive visibility into the threats affecting their cloud environments. In fact, according to a recent Dynatrace study, 77% of chief information security officers (CISOs) say it's a significant challenge to prioritize vulnerabilities because of a lack of information about the risks they pose ...

August 11, 2023

In Episode 22 of the Cybersecurity Awesomeness Podcast, Chris Steffen and Ken Buckler from EMA discuss the upcoming 90-day expiration of SSL certificates ...

August 09, 2023

Fraud detection, typically seen as a solution outside of cybersecurity, has taken on a new dimension in recent times. Digital fraud has emerged as a significant threat to businesses and individuals alike. APIs play a pivotal role in this landscape, often serving as the gateway for fraudulent activities ... As the sophistication and frequency of digital fraud continue to rise, understanding the connection between API security and fraud has never been more critical ...

August 04, 2023

In Episode 21 of the Cybersecurity Awesomeness Podcast, Chris Steffen and Ken Buckler from EMA discuss the latest SEC cybersecurity reporting and leadership requirements ...

August 01, 2023

APIs are incredibly important in today's digital landscape. They play a crucial role in enabling communication and interaction between different software applications, systems, and services. Due to the increasing reliance on APIs, they have gradually become the top target for hackers. As such, enterprises are placing more emphasis on API security to protect the integrity of data and services, build trust and confidence, and mitigate future risks ...

July 31, 2023

As the volume, development velocity, and variety of applications and their attack vectors skyrocket, it's time to rethink how we use application hardening. Application hardening, also known as "application shielding" and "in-app protection," protects live applications from reverse engineering and tampering ...

July 28, 2023

In Episode 20 of the Cybersecurity Awesomeness Podcast, Chris Steffen and Ken Buckler from EMA discuss Black Hat USA 2023 ...

July 10, 2023

Companies are increasingly embracing the power and agility of cloud-based solutions, with more than 20% of their workloads running in the cloud today, with plans to grow more than 50% in the next 18 months. With this accelerated cloud adoption comes inherent challenges and apprehension, as Check Point's 2023 Cloud Security Report reveals. As a result, 76% of organizations are apprehensive about cloud security, and cloud-based attacks are increasing at an alarming rate ...
