Hot Topics

Software Supply Chain Security Pulsemeter Results

Are you worried about software supply chain attacks?Very worried22%5Somewhat worried26%6A little worried17%4Not very worried13%3Not at all worried22%5Which of these do you include as part of your software supply chain security analysis today?1st ...
|

GitLab Security and Governance Solution Helps Secure Organizations’ End-to-End Software Supply Chains

The One DevOps Platform enables organizations to stay ahead of threat vectors, maintain compliance posture and deliver secure software faster Detroit, MI, October 25, 2022—Today at KubeCon + CloudNativeCon North America, GitLab ...
| | GitLab, KubeCon + CloudNativeCon, KubeCon + CloudNativeCon North America 2022, supply chain security
Ensuring Container Security

Container Images: The Next Software Supply Chain Concern? 

Containers not only provide a mechanism for packaging code in deployable and manageable units, but containers are also a downloadable resource that can speed up infrastructure and app configurations, rapidly creating development ...
| | container applications, container security, securing containers, Sysdig, Techstrong Research
Lacework Red Hat Aqua Security

The State of K8s Software Supply Chain Attacks

Securing the software supply chain is in the zeitgeist, and for a good reason. Software supply chain attacks grew by more than 300% from 2020 to 2021. Supply chain attacks continue to ...
| | cloud-native architecture, container security, kubernetes, microservices, supply chain security
cloud-native software policy Styra Shifts Kubernetes Policy Management Left

Securing the Software Supply Chain For Policy-as-Code

Since emerging as a graduated CNCF project last year, the Open Policy Agent (OPA) project has been adopted in a wide variety of scenarios: Kubernetes admission control (gatekeeper), policy enforcement over configuration ...
| | container security, OPA, open policy agent, Security Policy as Code
Eliminating Security Gaps in the Software Supply Chain – A Collaborative Approach

Eliminating Security Gaps in the Software Supply Chain – A Collaborative Approach

Code is everywhere. Code makes up applications, drives cloud environments, is used for infrastructure configuration, runs operational systems and manages data. Rapid application development leverages open source and pre-designed components to make ...
|
Defending Software Supply Chain Attacks with Kubernetes and DevSecOps

Defending Software Supply Chain Attacks with Kubernetes and DevSecOps

According to many security analysts, in 2022, the number of software supply chain attacks is expected to quadruple versus this year’s total. Recent high-profile breaches like SolarWinds, Codecov, Kaseya and Microsoft Exchange ...
|
Kubernetes, developer platform Docker cloud-native applications Anchore SBOM metrics full cycle complexity software development

JFrog, Docker Partner to Streamline Software Supply Chains

JFrog and Docker, Inc. announced today they are working toward tightening integration between their respective offerings to reduce DevOps friction and make software development more efficient. Under the terms of the alliance, ...
| | Docker Inc., JFrog, software development, supply chain
Chainguard Docker container Stormforge Azure containers Microsoft New Relic Java Kublr platform Containers on Azure

Chainguard Allies With Docker, Inc. to Secure Container Images

Chainguard is making its hardened container images available on Docker Hub via the Docker Verified Publisher (DVP) program ...
| | Chainguard, container security, containers, docker, Docker Verified Publisher, hardened containers
AI Kubernetes AppViewX Securing containers

KubeCon 2023: Kubernetes Supply Chain Security

Alan Shimel talks with Uptycs' Abhinav Mishra about the company's Kubernetes supply chain security solution ...
| | cloud native security, KubeCon, kubernetes, Kubernetes security