SOAR Security: 7 Disadvantages of SOAR Solutions
This post was previously published on The New Stack The Drawbacks of a SOAR We’ve said it before, and we’ll say it again: Security ..
Security Best Practices in PHP
OAccording to a 2019 report by Accenture, security vulnerabilities have surged by 67 percent since 2013, including web apps that use PHP. ..
Intro to the Dockerfile Components
What is a Dockerfile? It will be fair to state that in this article we will be juggling between some common terms associated with the Dockerfile, ..
Automating Security: 7 Major Benefits of a SOAR
SOAR — or security orchestration, automation and response — is a collection of processes, software and tools that allows teams to streamline ..
How to Fix the Broken State of Cybersecurity Culture
Which cultural values empower businesses to thrive today? That’s an open question, of course. But I suspect most employees, managers, ..
What SecOps Teams Can Expect in 2022
Traditionally, most organizations have had siloed departments, wherein the activities of teams are highly separated and the objectives within ..
What, How, and Where Open Source Gets Pulled into a Codebase
The vast majority of software developers in the industry today are paid to solve business problems. Regardless of whether they work for small ..
What Does It Take To Be a Security Champion on a Modern AppDev Team?
Application security has always been important. But since organizations are constantly moving towards shorter development cycles, increased ..
A Developer’s View: How Attackers Can Infect Open Source Codebases
Most open source projects welcome contributions from anyone. That’s one of the key strengths of open source development as a whole ..
4 Ways to Automate Controlled Access to Sensitive Data
Controlling access to sensitive data is tough. Be too restrictive, and your employees run into too many roadblocks to do their jobs effectively. ..
A Developer’s View: The Move to Cloud-Native is Here
“Cloud-native” is a technical term that describes the general tendency to move software systems from a hosted environment to a public ..
A Developer’s View: What Exactly Is Modern Application Development?
What is modern application development? That may sound like an impossible question to answer. Not only is “modern” a relative and subjective ..
4 Ways to Automate Application Security Ops
Maintaining an online business presence nowadays means that malicious actors are going to target and likely exploit any application vulnerabilities ..
Automating Cloud Security Posture Management Response
When we discuss cybersecurity and the threat of cyber attacks, many may conjure up the image of skillful hackers launching their attacks ..
Why You Need an Accurate “Parts List” for Your Software
With the mass adoption of open source software in recent years, there has been an increasing tendency to include it as dependencies. This ..
Threat Hunting Like a Pro — With Automation
It’s no secret that cyber attacks are on the rise. Not only are they becoming more frequent, but the malicious actors who mount these ..
A Developer’s List of Key Container Security Risks
There are a variety of excellent reasons to use containers. They’re more agile and consume fewer resources than virtual machines. They ..
5 Security Automation Myths Debunked
It has been argued that automation in the workplace tends to be misunderstood. Analysts are keen to point out that, despite myths to the contrary, ..
A Developer’s Guide to Managing Open Source Risks
We’re living in an open source world. If you’re a developer today, it’s very likely that – no matter where you work or what type ..
A Developer’s List of Infrastructure as Code (IaC) Risks
Infrastructure-as-Code (IaC) tools are exemplary software solutions that Developers and DevOps teams use to describe common infrastructure ..