Continuous Integration and Continuous Delivery (CI/CD) are combined DevOps best practices for automating different stages of the application development cycle. At its core, a CI/CD pipeline enforces automation by removing team-level silos and incorporating tools that enable efficiency.
As vulnerability scanning software, we have to develop constantly to keep up with the latest threats and updates. Recently we removed support for the X-XSS-Protection header.
The evolving nature of cyber attacks has necessitated an overhaul of cybersecurity defense and deterrence. Choosing the right cybersecurity tech stack helps you defend against external threats while ensuring you only adopt the tools and platforms that are relevant to your application and related workflows. As with any other form of technology, cybersecurity requires a combination of security practices (the approach) and software tools (the tech stack).
We've previously looked at how microservices are susceptible to attack, and how implementing a DevSecOps model is always a sensible approach to ensure security best practices.
This was a lot of fun. Ask a DevSecOps engineer “how do I screw up my website security?” and you'd better take a seat, because the answer will take a while. In short, there are lots of ways your security can go wrong. Some mistakes are more critical than others, and while many of the pitfalls are widely known, nothing stays still - new vulnerabilities are discovered each day.
If you are not a developer, some of these issues may be too technical; some basic starting points would be HTTP vs HTTPS, and we have also written a piece on the cyber security basics. This is also only a distilled version; if you have any other ways to screw up your website security, please let me know. I'd love to hear!
We've previously written about the basics of microservice security, but let's take a closer look at how microservice architectures can be exploited.
Sonatype's annual research, “2020 State of the Software Supply Chain”, uncovers lots of great insights into the open source world. Open source is such a huge part of modern development that the headline stat, a 430% year-on-year increase in attacks targeting open source projects, should be a wake-up call for all developers.
A microservice architecture, often referred to simply as microservices, is a set of services that are grouped in order to implement an application. Lately, development teams prefer microservices, as this architecture facilitates continuous delivery for large applications, adapts easily to the organisation’s needs as its technology evolves, and scales up with very minimal effort.
In light of some recent high-profile attacks, we wanted to share some basic cyber security tips for businesses of all sizes and provide a simple checklist so that you can audit your company’s cyber security strategy.