What Is a Web Application Firewall (WAF)?
Protecting web applications and APIs is now a critical component for application security engineers, security architects, and information ..
What Is Secure Software Development Lifecycle (Secure SDLC)?
The software development lifecycle (SDLC) is a process for planning, implementing and maintaining software systems that has been around ..
What Is Infrastructure as Code (IaC) Supply Chain Security?
Infrastructure as Code (IaC) shifted how teams think about building and securing infrastructure. Now, your entire application architecture ..
DevSecOps and Value Stream Management
Everything done within an organization should provide value to customers and other stakeholders. Value Stream Management (VSM) is a business ..
Why Kubernetes Security Posture Management (KSPM) Is Essential to Cloud Native Security
Recent attacks like those on Colonial Pipeline, SolarWinds, and Twitch have gained notoriety and foregrounded the importance of security ..
How Does DevSecOps Fit Into Your Digital Transformation?
“Going digital” is a huge challenge in the best of times, but thanks to increasingly competitive markets, more technically savvy ..
What Is CIEM or Cloud Infrastructure and Entitlement Management?
Cloud Infrastructure and Entitlement Management (CIEM) is a relatively recent term that was introduced by Gartner in 2020 as part of the Hype ..
What Is Policy-as-Code?
Policy-as-code is an approach to policy management in which policies are defined, updated, shared, and enforced using code. By leveraging ..
OWASP Top 10:2021 – What’s New
The Open Web Application Security Project (OWASP) is a nonprofit foundation dedicated to promoting best practices, methodologies, and tools ..
What Is Web Application and API Protection?
Web application and API (Application Program Interfaces) protection is a set of development, integration, and deployment practices that ..
What Is the CI/CD Pipeline and CI/CD Security?
The CI/CD pipeline is a foundational part of DevOps. In addition to laying the foundation for the processes that DevOps teams use to deliver ..
What Is Identity and Access Management (IAM)?
Identity and access management, or IAM, is a foundational component of virtually any modern application environment. By providing a systematic ..
What Is a Container?
Starting with the advent of Docker in 2013, containers have become a fundamental building-block of modern IT infrastructure. Whether you host ..
6 DevSecOps Metrics for DevOps and Security Teams to Share
If you work in DevOps, it’s easy to feel like the security team is there to make your job harder. Likewise, if you are a security engineer, ..
CLOUD THREAT REPORT 1H 2021 – The COVID-19 Conundrum: Cloud Security Impact and Opportunity
A much prettier version of this document lives here: Foreword In the early days of the COVID-19 pandemic, there was a rapid uptick in demand ..
Cloud Native Security for the Healthcare Industry
When you store or process any kind of data in the cloud, you face certain security risks that would not exist in an on-premises environment. ..
Avoiding Technical Security Debt During Cloud Transformation
Cloud transformation, or the process of migrating workloads to the cloud, creates a number of benefits — including greater agility, scalability, ..
Intelligently Managing Risk: Multicloud Infrastructure Security
Multicloud is the new reality for many organizations, whether chosen as a strategy or forced on them through another means – like customer ..
A Step-by-Step Guide to Secure and Protect AWS S3 Buckets
Amazon Web Services (AWS) Simple Storage Service (S3) provides an easy option for storing documents, data and other information in the cloud. ..