Security
Security | News, how-tos, features, reviews, and videos
Linux distros need to take more responsibility for security
Between the rapid release of open source software, and modern OSes preloaded with packages, enterprises are vulnerable to attacks they aren’t even aware of.
How generative AI changes cybersecurity
The impacts of large language models and AI on cybersecurity range from the good to the bad to the ugly. Here’s what to watch out for, and how to prepare.
What ChatGPT doesn’t say about Kubernetes in production
Generative AI is already proving helpful across many relatively basic use cases, but how does it hold up when tasked with more technical guidance?
JFrog adds ML model management to devsecops platform
JFrog unveiled a number of new platform capabilities including static application security testing and anti-tampering and compliance checks for software releases.
How to get a handle on shadow AI
By allowing the use of AI tools proven to be safe, but requiring them to be used within explicit guidelines, you can alleviate both employee frustration and organizational risk.
Centralized cloud security is now a must-have
Cloud security is largely siloed by cloud provider. Enterprises are demanding strategic approaches for complex distributed multicloud deployments.
The lost art of cloud application engineering
AI-driven coding is now in wide use, but we may not know all the risks of using it until the damage has been done. Think security problems and code that wastes resources.
A new hope for software security
From package signing to SBOMs to new developer toolchains, the pieces for securing the software supply chain are starting to come together.
JFrog Curation blocks malicious open source software packages
DevSecOps system validates incoming software packages against JFrog’s security research library to establish a repository of trustworthy components for software developers to use.
Golang vulnerability checker flags Go vulnerabilities
Govulncheck is a command-line utility that uses the Go vulnerability database to identify known vulnerabilities in Go source code and Go binaries.
The unhappy reality of cloud security in 2023
Let's talk about how you can stay off the growing list of companies that have been hacked. Spoiler alert: It takes money and commitment.
Millions of GitHub repositories vulnerable to RepoJacking: Report
AquaSec analyzed a sample of 1% of GitHub repositories and found that about 37,000 of them are vulnerable to RepoJacking, including the repositories of companies such as Google and Lyft.
GitLab Dedicated offers single-tenant, SaaS-based devsecops
Service hosted and managed by GitLab is geared to users with strict compliance requirements such as isolation, data residency, and private networking.
Malicious hackers are weaponizing generative AI
The powerful capabilities of ChatGPT are being used against enterprise systems. Malicious packages and AI hallucinations are a few of the growing threats.
7 key features for Kubernetes and container security
Uptycs combines threat detection for Kubernetes and container runtimes, along with automated registry scanning and Kubernetes hardening checks. Here are the highlights.
Frontegg launches entitlements engine to streamline access authorization
Frontegg’s new entitlement engine will be powered by context-aware logic controls (CALC) technology to effect context-based, fine-grained authorization controls.
Disaster recovery in the cloud
Underestimate the complexity and cost of cloud computing backup and recovery and you risk missing data and lost customers. Here’s what to do.
