Amazon CloudWatch Events Gains Cross-Account Event Delivery
Amazon Web Services (AWS) recently added cross-account event delivery to Amazon CloudWatch Events to support use cases such as the tracking of events across an entire organization and the handling of events in separate accounts to implement advanced security schemes.
Active Management of Open Source Components Delivers Measurable Improvements Claims Sonatype Report
When organisations actively manage the quality of open source components in software applications they see a 28% improvement in developer productivity (through reduction in manual governance), a 30% reduction in overall development costs, and a 48% increase in application quality (as application vulnerabilities are removed early reducing their incidence in production).
AWS Web Application Firewall: Bolt-on Security for Insecure Websites
AWS Web Application Firewall inspects traffic coming into your web application, looking for suspicious activity. It can pass good requests onto your application and block requests that match common attack vectors - like SQL injection. WAF can add a layer of security onto an existing application without changing the app.
Microsoft Previews Bug and Security Risk Detection on Windows and Linux
Microsoft has made available Project Springfield as an Azure service preview called Microsoft Security Risk Detection (MSRD) for detecting code bugs and security vulnerabilities in Windows and Linux applications.
Zenedge Releases API Security Solution with Native SDKs
Zenedge, a cybersecurity provider of AI-driven Web Application Firewall, malicious bot detection, and bot management services, has recently released an API Security solution with native SDKs for web and mobile.
Twistlock 2.1 Container Security Suite Released
Twistlock announced the general availability of version 2.1 of their container security product. Highlights of the release include an integrated firewall that understands application traffic, vulnerability detection, secrets management via integration with third party tools, and compliance alerting and enforcement.
Q&A With Robert Scherrer: DevOps on the Backbone of the Swiss Financial Center
Starting with a small core team, and a DevOps approach around 5 + 1 dimensions - skills, organization, process, infrastructure, architecture + mindset & attitude - SIX has been transforming how IT and the business work together to break the silos and align themselves along value streams. InfoQ took the opportunity to talk with Robert Scherrer, head of software dev at SIX, about this journey.
Susanne Kaiser on Microservices Journey from a Startup Perspective
Susanne Kaiser, CTO at Just Software, spoke at the recent QCon New York 2017 Conference about the transformation process her team went through to transition from a monolithic application architecture to microservices model.
QCon New York: Evaluating Machine Learning Models - A Case Study in Real Estate
Opendoor, a real estate company that helps customers with buying and selling homes, uses machine learning techniques to drive pricing models. Nelson Ray, data scientist at Opendoor, spoke at QCon New York 2017 Conference about how they developed a simulation-based framework for reasoning about machine learning models to assess the risk in reselling homes.
Sonatype Acquires Vor Security to Expand Nexus Open-Source Component Support
Sonatype announced the acquisition of Vor Security to extend their open-source component intelligence solutions’ coverage to include Ruby, PHP, CocoaPods, Swift, Golang, C, and C++.
Cloud Migrations, Highly Regulated Environments, and Making Work Visible: DOES17 London Day Two
At the London DevOps Enterprise Summit 2017 (DOES17) conference, the second morning of keynotes discussed the role DevOps plays when migrating to cloud platforms; the creation and cultivation of effective teams that must work within high-regulatory environments; and how to improve the flow of business value by making work visible.
Stack Overflow Becomes HTTPS by Default
Nick Craver, architecture lead at StackOverflow, has published a blog announcing StackOverflow's migration to HTTPS. Some of the technical challenges along the way included supporting hundreds of domains, migrating URL’s, user generated content, and meeting the sites stringent performance requirements.
Apache Metron Graduates to Top-Level Project
Hortonworks and Apache announce graduation of Metron, a realtime big data security platform to top-level project at the ASF.
Git Continues to Improve Security and UI in Version 2.13
The latest release of Git introduces many changes aimed to improve its user interface, while also fixing two significant vulnerabilities.
Microsoft Renews Calls for “Digital Geneva Convention” after Widespread Cyber Attacks
The major story from last week was that malware, described in leaked NSA documents, crippled Windows computers worldwide. The WannaCry Ransomware virus is believed to have hit 200,000 victims in 150 countries, including UK hospitals, utilities in Spain, and Russia’s interior ministry.
CONTENT IN THIS BOX PROVIDED BY OUR SPONSOR
|
When Cloud Security and Continuous Compliance is Done Right, it's Evident |
|
Featured Content |
Blog Posts
The Time Has Come to Fully Embrace Security Automation
6 Security Essentials to Jumpstart Your Security Program
Start Compliant, Stay Compliant in the Cloud
Understanding a Rugged DevOps Approach to Cloud Security
Webinars
How to Achieve NIST Appliance in the Cloud
The Future of Continuous Compliance is Automation feature Forrester
|
Whitepapers |
11 Things To Focus On To Be PCI Compliant In AWS
10 Security Best Practices for AWS
Top 10 AWS Cloud Security Risks
Continuous Monitoring and Compliance in the Cloud
|
Videos |
|
Follow us on |
