Security Archives

Agile + DevOps West 2022: Leaders Look for Opportunities to Transform Their Cultures

Todd KominiakJune 28, 2022Agile, DevOpsNo comments

In Las Vegas, agile and DevOps leaders discuss challenges and approaches for driving transformations that actually work.

Recap: What You Need to Know About Software Supply Chain Attacks

Coveros StaffJuly 23, 2021Blogs, DevOps, DevSecOps, Learning, News & Events, SecurityNo comments

Application Security pioneer and OWASP co-founder Jeff Williams discusses software supply chain attacks with Coveros CEO Jeff Payne.

Coveros Conversations: Software Supply Chain Security

Coveros StaffMay 25, 2021Blogs, Development, DevOps, DevSecOps, SecurityNo comments

Software security expert and CEO Jeff Payne discusses best practices for protecting your software delivery process from supply chain attacks in our next Coveros Conversation.

Bottlerocket: An Early Look

Coveros StaffSeptember 15, 2020Blogs, DevOps, Open Source, Security2 comments

Explore some pros and cons of Bottlerocket, the Linux-based open-source operating system by Amazon Web Services for running containers.

Choosing the Right Threat Modeling Methodology

Coveros StaffAugust 13, 2020Blogs, Security, Top PostsNo comments

Explore four different threat modeling methodologies—STRIDE, PASTA, Trike, VAST—and assess their strengths and weaknesses.

Dependency Checking Your Ruby Application

Coveros StaffApril 30, 2020Blogs, Continuous Integration, Development, DevOps, Security, TestingNo comments

Dependency Checking Your Ruby Application Checking your application’s dependencies for known vulnerabilities is a critical, relatively low effort step you should take to secure your application, which you may have read about in another recent article: What is SCA? Compared to the wealth of tools used for dependency checking in, for example JavaScript, there’s not […]

Database Security – A Pentester’s Notes

Coveros StaffApril 23, 2020Blogs, SecurityNo comments

One of the most prevalent issues that continue to vex application developers is weaknesses in database security that open us to exploit. Database security is a broad subject, and I will not cover all the security issues here but want to provide context and understanding around some of the more comment vulnerabilities. In this blog, […]

Shifting Security Left: The Innovation of DevSecOps

Tom StiehmMarch 5, 2020DevOps, SecurityNo comments

Application security, or AppSec, is hard. For development teams, it often comes into development late in a release cycle and demands changes to the software that seem unreasonable. For the AppSec team, being introduced to a project after the application has been designed and much of the code has been written means there will be […]

Understanding the Role of QA in DevOps: An Interview with Gene Gotimer

Coveros StaffOctober 11, 2019DevOpsNo comments

Gene Gotimer, senior architect at Coveros Inc., discusses understanding the role of QA in DevOps, DevOps educational tools, trusting your team, and paid and open source security tools.

Debunking 4 Myths of DevSecOps Adoption

Coveros StaffOctober 9, 2019DevOps, SecurityNo comments

Every day organizations incorporate DevSecOps into their software development, security, and operations practices to ensure they can build critical security controls into their agile software delivery. According to one survey, 84 percent of respondents said it’s difficult to reduce risk to their applications because they’re not able to monitor, detect, and prevent attacks at the application level. […]

Tag: Security

Categories

Recent Blogs

Recent Videos

Learning for You and Your Team

Social