Organizations face major challenges gaining visibility into networks that grow more complex by the day, and Corelight CEO Brian Dye says the open-source community can help with gathering evidence and insights from networks so that the perimeter is better secured.
Jeff Williams, co-founder and CTO of Contrast Security, says people have a right to know if the products they use are secure. It's difficult to tell if software is secure, he says, so companies need incentives to build good security programs, improve their software and disclose any flaws they find.
Because healthcare IT environments are so complicated, it will become essential for all suppliers to provide and maintain a software bill of materials for their products to remain relevant, says Curt Miller of the Healthcare Supply Chain Association.
"Mainframe" and "modernization" are not often used in the same sentence. But Eric Odell and Paul Allard of BMC Software share a mainframe DevOps strategy that can result in cost savings, automation efficiencies and reduced risk of mainframe defects.
What the Good News Is, What to Watch Out For, and What to Do About It
Shifting security even further to the left to
achieve scale and speed requires a carefully
weighed understanding of the state of security.
Download this DevSecOps guide which presents:
Trends that will help
bolster the capabilities of...
This edition of the ISMG Security Report features an analysis initiatives unveiled by the Biden administration to enhance supply chain and critical infrastructure security and address the cybersecurity skills gap. Also featured: LockBit 2.0 ransomware rep 'tells all'; misconfigured Microsoft Power Apps.
The Biden administration unveiled a package of supply chain and critical infrastructure security initiatives following a meeting at the White House with tech executives and others. Companies such as Google and Microsoft also promised billions in spending on cybersecurity over the next several years.
DevOps-driven adoption of new
technologies and processes
may mean security is an afterthought
and can expose new
gaps in security coverage and
Download this whitepaper which provides an overview of what DevSecOps is and how organizations can adopt its
practices in conjunction with technologies...
Kubernetes-native security is based on a single principle: security is implemented most effectively
when it is aligned with the system that is responsible for managing all of an organization’s containerized
Download this whitepaper which explores the six characteristics a security platform must...
The rapid adoption of open source projects can introduce vulnerabilities in standard
Kubernetes environments. OpenShift Container Platform supports these projects, allowing users to
gain open source advantages with a managed product’s stability and security. Red Hat OpenShift
offerings include five managed and...
The latest edition of the ISMG Security Report features an analysis of ransomware gang REvil’s threat to release stolen Apple device blueprints unless it receives a massive payoff. Also featured: discussions of the importance of a “shift left” strategy and efforts to secure cryptocurrencies.
With more and more companies moving to DevOps, that statistic is likely to grow due to the increased demand for more applications faster meaning more chance for error. The good news is that these application vulnerabilities are extremely preventable through on-demand focused interactive lessons to learn how to code...
Like virtually all enterprises in 2020, Akamai had to pivot thousands of employees to remote
work in a matter of days. All while supporting a massive surge in platform traffic. And while
criminals sought to exploit any vulnerability these upheavals might expose.
This new report
shows you how our own products...
Dr. Chenxi Wang, industry thought leader and analyst, examined the Return on Investment that organizations may realize by using Cobalt’s Pen Testing as a Service (PTaaS) platform. This study took a detailed look at the benefits and costs of deploying Cobalt’s services in comparison with using traditional...
When software is everywhere, everything becomes an attack surface.
The root cause of many successful cyberattacks lies primarily in vulnerable software itself. The real question that needs to be asked is, “Can the industry do a better job of writing more-secure code, making software applications nearly...