Hardening Your SDLC in Response to Lapsus$ Breaches
Over the last several weeks, Lapsus$ has taken down a who’s who of software development teams: NVIDIA, Samsung, Vodafone, Ubisoft, and Mercado Libre.
Code Leakage
Your Software Supply Chain Is Your Weakest Security Link
The bad news is that attackers are shifting their focus to your less secure and easier-to-breach software supply chain.
Software Supply Chain Security: Your Attack Surface Is Bigger Than You Think
When most organizations approach software supply chain security, too often they think only about securing the open source or third-party dependencies in their code.
A Secrets Management Maturity Model
Maturity models may be a controversial topic, but used properly we believe they can help leaders understand their capabilities and develop a roadmap for improvement.
Cycode Integration with JFrog Pipelines and Artifactory
JFrog and Cycode created an integration that will improve the security of our customers’ digital assets and dependencies.
Two Ways to Address the Log4J Vulnerability
Researchers have released patches for the log4j vulnerability, allowing some organizations to breathe a sigh of relief.
AWS CloudFormation Security: 8 Best Practices
AWS CloudFormation gives organizations the ability to easily manage a collection of AWS resources by automating the initialization, provisioning, and…
8 Infrastructure as Code (IaC) Best Practices for Security
Infrastructure as Code (IaC) is a rapidly growing technique of provisioning infrastructure with software, utilizing software…
A Unique Supply Chain Attack: The 2020 Sawfish
For attackers targeting technology businesses, the goal is often stealing intellectual property and other data, which can either be sold for profit…
Modern Development Practices Open the Door for Code Leakage
As development teams leverage cloud-based infrastructure in support of collaboration and speed, code leakage has become a significant…