Topic: devsecops

ThreatMapper 1.2.0 released with new attack path visualizations

Observability company Deepfence launched new ThreatMapper features to provide DevSecOps professionals with new attack path visualizations, most exploitable vulnerabilities calculations, and AWS Fargate support.  ThreatMapper finds hidden attack paths by continuously correlating vulnerabilities with network traffic, identifying much harder to find vulnerable services that are further downstream, behind proxies and exposed indirectly to potentially malicious … continue reading

ITOps Times news digest: CNCF End User Technology Radar on DevSecOps, Cymulate’s new security updates, and Barracuda email protection updates

The CNCF has announced the release of its End User Technology Radar on DevSecOps, which provides recommendations on emerging technologies. It groups technologies into three categories: Assess, Trial, and Adopt. The Assess category includes Cilium, Harness, Sonatype Nexus, HashiCorp Sentinel, GitHub Actions, Linkerd, and Trivy. XRay is in the Trial category. Adopt includes technologies such … continue reading

PagerDuty brings security closer to operations

PagerDuty wants to unify the security operations among developers, operations and security teams. The company announced PagerDuty for Security Operations with new and existing security integrations across the company’s ecosystem. “With PagerDuty for Security Operations, we now bring security professionals into the fold to operate in a unified platform to engage in real-time security response,” … continue reading

Cloud security company Threat Stack acquires Bluefyre for its targeted application security

Cloud security and compliance company Threat Stack wants to bolster its cloud capabilities with the acquisition of Bluefyre. According to the company, Bluefyre will help deliver greater visibility into security as well as help developers build secure, cloud-native apps. Bluefyre provides targeted application security for Kubernetes, Mesosphere and OpenShift applications, and according to Threat Stack … continue reading

Security and compliance in DevSecOps

In the space of time it takes you to read this blog post and finish your morning coffee, a company at the vanguard of DevSecOps, such as Etsy, Amazon or Netflix, will have completed yet another deployment – one of potentially thousands per day. Deployment frequency has accelerated to a pace that would have been … continue reading

Chef InSpec 3.0 released with compliance audits and remediation capabilities for DevSecOps

Chef has announced a major release to its compliance automation platform InSpec. Version 3.0 of the solution includes a new plugin architecture, improved usability, enhanced management and automation compliance for Terraform, and improved performance. According to the company, this release is meant to target DevSecOps teams. In addition, the release includes a number of bug … continue reading

What the new generation of automation technology means for digital transformation

A large movie theater chain examines box office sales and discovers that a new romantic comedy isn’t doing as well as expected on its opening weekend. The chain knows from previous data analysis that, for whatever reason, Twizzler red licorice is a best-seller at the concession stands for fans of romantic comedies. So the chain … continue reading

DevSecOps predictions for 2018

From the WannaCry ransomware attack that resonated across the globe, to the massive Equifax breach and series of security mistakes that followed, 2017 saw a major uptick in cyberattacks, with no signs of slowing down. While each incident was unique, they all highlighted the complexity of applying security at scale. Wrangling the vast number of … continue reading

Get access to this and other exclusive articles for FREE!

There's no charge and it only takes a few seconds.

Sign up now!