Balancing Security and Velocity in Modern Software Development
Developers don’t want to become experts at security, and slowing down for anything is a tough proposition. Security isn’t a problem that will just go away, though.
The Challenges of Identity Lifecycle Management for NHIs
Identity lifecycle management is one of the most underestimated security risks in many organizations. You may have structured IAM processes that handle the lifecycle of human identities, but what about your non-human identities (NHIs)?
Detection Engineering: A Case Study
In this blog post, we will explore the intricate world of detection engineering. We’ll start by examining the inputs and outputs of detection engineering, and then we’ll illustrate the detection engineering lifecycle.
How to Handle Secrets in Configuration Management Tools
Configuration management tools like Ansible, Chef, and Puppet offer various methods for handling secrets, each with inherent trade-offs. The article explores these approaches alongside modern OIDC-based solutions that enable short-lived authentication tokens for automated processes.
Security Culture: The Best Tool Money Can’t Buy
Building positive relationships, sharing knowledge effectively, and making security "cool" are some of the most worthwhile security pursuits.
Securing Containers with Seccomp
In this article we present a novel way to protect your container applications post-exploitation. This additional protection is called Seccomp-BPF.
