Shift Left on Vulnerability Detection

Shift Left on Vulnerability Detection

Using open-source packages is becoming more and more popular. Open-source libraries are developed by the community for the community and many have already discovered the benefits of using them. However, many forget the security side of them. One of our community members Yahav Itzhak wrote a nice article about shifting left on vulnerability detection! Go check it out! #devsecops #oss-security

The Human Error Behind Hacking Kubernetes

The Human Error Behind Hacking Kubernetes

Want to know how about the human error leading to exposure of your resources through Kubernetes ?

Read our post on how Kubernetes can be a powerful way to increase security posture. By reducing blast radius and ensuring that pods cannot be touched by any other process within the cluster. Provided that the human error is mitigated !

https://bit.ly/2Ud9aMX

#devsecops #shiftleft #kubernetes #containersecurity

Building the partnership with DevOps is crucial for the start of your DevSecOps journey

Building the partnership with DevOps is crucial for the start of your DevSecOps journey

Making ’Sec’ transparant to your DevOps engineers is key in the start of your DevSecOps journey.

Effectiveness in your DevSecOps programme comes with developers that find your first steps frictionless and valuable. From our DevSecOps consulting practice the following key takeaways should be kept in mind for planning early stages, focused to build the crucial partnership with DevOps

Snyk’s  State of DevSecOps 2020

Snyk’s State of DevSecOps 2020

Since Puppet’s State of DevOps report in 2019 we noticed a correlation in the maturity of DevOps and the 22% of firms at the highest level of security integration, which are considered “advanced” in the DevOps evolution. Now Snyk’s report gives additional insights. For example, 31% of respondents aren’t tracking any application
dependencies and only 14% test for known vulnerabilities in container images.

Secure Service Mesh : Share your opinion on policy governance !

Secure Service Mesh : Share your opinion on policy governance !

December 10, we had a very interactive DevSecOps-NL meetup on Service Mesh at ABN AMRO premises. In this post we share the presentation materials used by Erik Veld, presenter and developer advocate from Hashicorp. Implementing Service Mesh leads to new challenges, for instance on how to develop, implement and monitor intentions that play a role in authorized traffic between services. Would you share your opinion with us ?