Cycode Workflows: No-Code Automated Alerting & Remediation
Cycode workflows allow users to automate security functions such as alerting, ticketing, and remediation that respond directly to triggered violations or vulnerabilities.
Governance
How To Prevent AWS S3 Bucket Misconfigurations
WS S3 misconfigurations account for 16% of cloud security breaches. To avoid suffering a breach because of an AWS S3 bucket misconfiguration, it is imperative to implement best practices.
Software Supply Chain Security: Your Attack Surface Is Bigger Than You Think
When most organizations approach software supply chain security, too often they think only about securing the open source or third-party dependencies in their code.
Improve Application Security with Cycode’s Knowledge Graph and Policies
Forrester predicts insiders will cause 33% of all data exposure incidents in the upcoming year.
A Secrets Management Maturity Model
Maturity models may be a controversial topic, but used properly we believe they can help leaders understand their capabilities and develop a roadmap for improvement.
NIST Cybersecurity Framework (NIST CSF)
The National Institute of Standards and Technology (NIST) first released its Cybersecurity Framework in 2014 in response to an Obama-era Executive Order mandating…
AWS CloudFormation Security: 8 Best Practices
AWS CloudFormation gives organizations the ability to easily manage a collection of AWS resources by automating the initialization, provisioning, and…
Understanding the Trojan Source Attack and How to Defend Against It
There’s little doubt that 2021 has been the year of the software supply chain attack, with many notable breaches that include Solarwinds…
7 Terraform Security Best Practices
Terraform, developed by Hashicorp, is an infrastructure as code (IaC) framework that allows for declarative resource provisioning…
8 Infrastructure as Code (IaC) Best Practices for Security
Infrastructure as Code (IaC) is a rapidly growing technique of provisioning infrastructure with software, utilizing software…