Application Security
Application Security | News, how-tos, features, reviews, and videos
7 devops practices to improve application performance
Devops is tough, but the choice between faster development and improving reliability shouldn't be. Consider shifting-left security, better observability, AIops platforms, and more.
Are you ready to automate continuous deployment in CI/CD?
Making the leap from continuous delivery to continuous deployment requires the right skills, practices, and tools. Use this five-point checklist to prepare for launch.
Okta’s Matt Raible: How I became a Java hipster
The Okta developer advocate and JHipster evangelist discusses Java and JavaScript development, monoliths and microservices, software scaling vs. people scaling, and making security friendlier for developers.
Detect cloud native security threats with Tracee
Open source Tracee uses Linux eBPF technology to trace system and applications at runtime, and analyzes collected events to detect suspicious behavioral patterns.
GitHub adds supply chain security tools for Rust language
GitHub’s supply chain security features including the advisory database, Dependabot alerts, and dependency graph are now available for Rust Cargo files.
Maximize your cloud security with isolation zones
Security zones keep your applications and their data safe from bad actors and can help limit the impact of a security breach.
Only DevSecOps can save the metaverse
The vast metaverse will also be vast in terms of code, accelerating the demand for supply chain security, automated scanning and testing, and continuous updates.
9 questions you should ask about your cloud security
Businesses often lack critical insights into the security of their cloud environment. Here are nine questions business leaders need to ask—and cloud security teams need to answer.
Progress launches Chef Cloud Security to extend DevSecOps to cloud-native assets
The software provider has also enhanced its underlying security and compliance mechanism Chef InSpec with new features.
7 ways to avoid a cloud misconfiguration attack
Cloud security is all about configuration. Here’s how to make sure the configurations of your cloud resources are correct and secure, and how to keep them that way.
Is low-code safe and secure?
Handled appropriately, low-code development tools pose no additional security risk over any other platform, system, or development environment.
Pulumi launches Business Critical edition for enterprise customers
The infrastructure as code provider is adding new enterprise features as it looks to meet the needs of larger organizations.
Harvard census identifies most commonly used open source packages
Researchers hope that by raising awareness of the most widely used open source packages, they can help prevent the next Log4j or Heartbleed exploit from happening.
VMware adds container runtime protection to Carbon Black security portfolio
The virtualization specialist is looking to help customers secure their containerized environments from build through deployment.
Understand the RSA encryption algorithm
The RSA algorithm is a feast of genius that combines theoretical math and practical coding into working asymmetric cryptography. Here’s how it works.
How to protect your Kubernetes infrastructure from the Argo CD vulnerability
A zero-day vulnerability in Argo CD could be putting sensitive information like passwords and API keys at risk. Are you protected?
WhiteSource report warns of NPM registry risks
Provider of open source vulnerability scanning software finds malicious packages on widely used JavaScript package registry.
Faker NPM package back on track after malicious coding incident
A new group of maintainers is proceeding with an ‘official’ version of the Faker JavaScript library after the previous maintainer went rogue.
Suse open sources NeuVector container security platform
After acquiring NeuVector last year, Suse wasted no time in open sourcing the ‘full lifecycle’ container security platform for all Kubernetes users.
