Skip to content

Free Trial

Cycode
  • Platform
    • Hardcoded Secrets Detection
      Find existing secrets across your SDLC and block new secrets in pull requests
    • Source Code Leakage Detection
      Identify suspicious behavior and detection proprietary code exposures
    • NextGen SCA – Software Composition Analysis new
      Find all vulnerable dependencies across your entire SDLC with Pipeline Composition Analysis
    • Source Control & CI/CD Security
      Centrally manage governance & security policies across all your DevOps tools
    • SAST – Static Application Security Testing new
      Zero in on vulnerabilities in custom developed code
    • Code Tampering Prevention
      Combine integrity verification, anomaly detection, critical code monitoring & governance
    • Infrastructure as Code Security
      Prevent cloud misconfigurations and apply security standards to Terraform, Kubernetes, & more
  • Resources
  • Blog
  • Company
    • About Us
    • Contact Us
    • Press & Media
    • Careers
  • Log In
  • Book a Demo
  • Free Trial

IaC Security

Hardening Your SDLC in Response to Lapsus$ Breaches

May 31, 2022March 22, 2022 by Ronen Slavin
Hardening Your SDLC in Response to Lapsus Breaches

Over the last several weeks, Lapsus$ has taken down a who’s who of software development teams: NVIDIA, Samsung, Vodafone, Ubisoft, and Mercado Libre.

Categories BLOG Tags IaC Security, Code Tampering, Hardcoded Secrets, Code Leakage, Software Supply Chain Security, Hardening SDLC, Least Privilege Enforcement, Asset Inventory Leave a comment

Your Software Supply Chain Is Your Weakest Security Link

June 8, 2022March 18, 2022 by Julie Peterson
Read Now

The bad news is that attackers are shifting their focus to your less secure and easier-to-breach software supply chain.

Categories BLOG Tags IaC Security, Code Leakage, Software Supply Chain Security, Governance Leave a comment

Using the Principle of Least Privilege for Maximum Security

August 8, 2022March 10, 2022 by Tony Loehr
Privilege, Maximum Security

It’s a simple concept, so why doesn’t every organization enforce the principle of least privilege?

Categories BLOG Tags IaC Security, Hardcoded Secrets, Compliance & Frameworks, Software Supply Chain Security, Least Privilege Enforcement Leave a comment

How To Prevent AWS S3 Bucket Misconfigurations

June 9, 2022March 1, 2022 by Tony Loehr

WS S3 misconfigurations account for 16% of cloud security breaches. To avoid suffering a breach because of an AWS S3 bucket misconfiguration, it is imperative to implement best practices.

Categories BLOG Tags IaC Security, Hardcoded Secrets, Software Supply Chain Security, Governance Leave a comment

Software Supply Chain Security: Your Attack Surface Is Bigger Than You Think

August 2, 2022February 28, 2022 by Julie Peterson
Software Supply Chain Security and SDLC Attack Vectors

When most organizations approach software supply chain security, too often they think only about securing the open source or third-party dependencies in their code.

Categories BLOG Tags IaC Security, Code Tampering, Hardcoded Secrets, Code Leakage, Compliance & Frameworks, Software Supply Chain Security, Hardening SDLC, SLSA, NIST SSDF, Governance Leave a comment

Terraform Cloud Drift Detection with Cycode Integration

May 31, 2022January 24, 2022 by Tony Loehr
Read More

Cycode has created an integration allowing Terraform Cloud configuration drift detection between deployment environments.

Categories BLOG Tags IaC Security, Software Supply Chain Security, Knowledge Graph Leave a comment

Cycode Integration with JFrog Pipelines and Artifactory

May 31, 2022December 31, 2021 by Tony Loehr
Read Now

JFrog and Cycode created an integration that will improve the security of our customers’ digital assets and dependencies.

Categories BLOG Tags IaC Security, Code Tampering, Hardcoded Secrets, Code Leakage, Software Supply Chain Security, Hardening SDLC, Asset Inventory, SLSA Leave a comment

AWS CloudFormation Security: 8 Best Practices

July 8, 2022November 17, 2021 by Tony Loehr
AWS cloudformation security

AWS CloudFormation gives organizations the ability to easily manage a collection of AWS resources by automating the initialization, provisioning, and…

Categories BLOG Tags IaC Security, Hardcoded Secrets, Code Leakage, Software Supply Chain Security, Least Privilege Enforcement, Governance Leave a comment

Google SLSA Cybersecurity Framework: Key Takeaways

August 5, 2022November 10, 2021 by Tony Loehr
Cover Image

In light of recent, multi-billion dollar cyber attacks, Google has introduced a framework to help developers improve software supply chain security. This proposed solution is…

Categories BLOG Tags IaC Security, Code Tampering, Compliance & Frameworks, Software Supply Chain Security, Hardening SDLC, SLSA Leave a comment

7 Terraform Security Best Practices

March 15, 2022November 2, 2021 by Tony Loehr
Cover Image

Terraform, developed by Hashicorp, is an infrastructure as code (IaC) framework that allows for declarative resource provisioning…

Categories BLOG Tags IaC Security, Hardcoded Secrets, Software Supply Chain Security, Governance Leave a comment
Post navigation
Older posts
Page1 Page2 Next →

RELATED CONTENT

  • Security Advisory: IconBurst Attack
  • Multi-functional Threat Coverage: How Cycode handles latest Jenkins plugin vulnerabilities
  • A Strong Foundation of Governance Improves All SDLC Security Initiatives
  • All Roads Lead to Build Secrets – Or How Your Build System Could Expose The Production Environment
  • ISO 27001 Compliance

Recent Comments

    • Platform
      • Hardcoded Secrets Detection
      • Source Code Leakage Detection
      • NextGen SCA – Software Composition Analysis new
      • Source Control & CI/CD Security
      • SAST – Static Application Security Testing new
      • Code Tampering Prevention
      • Infrastructure as Code Security
    • Resource center
      • Resources
      • Blog
    • COMPANY
      • About Us
      • Press & Media
      • Careers
      • Contact Us
    • legal
      • Website Terms of Use
      • Privacy Policy
      • Cookie Policy
      • Status Page

    SIGN UP FOR OUR NEWSLETTER

    By signing up I confirm I have read Cycode's Privacy Policy and agree to receive newsletters and updates from Cycode's blog.

    Copyrights

    © 2022. Cycode Ltd. All Rights Reserved.

    Follow Us:
    © 2022 Cycode • Built with GeneratePress