Tony Loehr
Developer Advocate
-
March 1, 2022
How To Prevent AWS S3 Bucket Misconfigurations
WS S3 misconfigurations account for 16% of cloud security breaches. To avoid suffering a breach because of an AWS S3...
-
February 24, 2022
Implementing SLSA Source Requirements to Improve Software Supply Chain Security
SLSA source requirements help mitigate threats originating from source control management.
-
February 16, 2022
NIST SSDF 1.1: A Brief Overview of the Final Version
The 2021 Executive Order on strengthening the nation’s cybersecurity prompted NIST to create documents on secure software development practices.
-
February 2, 2022
Improve Application Security with Cycode’s Knowledge Graph and Policies
Forrester predicts insiders will cause 33% of all data exposure incidents in the upcoming year.
-
January 24, 2022
Terraform Cloud Drift Detection with Cycode Integration
Cycode has created an integration allowing Terraform Cloud configuration drift detection between deployment environments.
-
December 31, 2021
Cycode Integration with JFrog Pipelines and Artifactory
JFrog and Cycode created an integration that will improve the security of our customers' digital assets and dependencies.
-
December 16, 2021
Two Ways to Address the Log4J Vulnerability
Researchers have released patches for the log4j vulnerability, allowing some organizations to breathe a sigh of relief.
-
December 13, 2021
Executive Order 14028: NIST SSDF Explained
The President’s Executive Order (EO) on “Improving the Nation’s Cybersecurity (14028),” issued on May 12, 2021, charges multiple agencies...
-
November 28, 2021
NIST Cybersecurity Framework (NIST CSF)
The National Institute of Standards and Technology (NIST) first released its Cybersecurity Framework in 2014 in response to an Obama-era...
-
November 17, 2021
AWS CloudFormation Security: 8 Best Practices
AWS CloudFormation gives organizations the ability to easily manage a collection of AWS resources by automating the initialization, provisioning, and...
-
November 10, 2021
Google SLSA Framework: Key Takeaways
In light of recent, multi-billion dollar cyber attacks, Google has introduced a framework to help developers improve software supply chain...
-
November 2, 2021
7 Terraform Security Best Practices
Terraform, developed by Hashicorp, is an infrastructure as code (IaC) framework that allows for declarative resource provisioning...