What CISA Got Right After Its GitHub Leak: Lessons Every Organization Should Copy
After the CISA GitHub leak, the agency published a candid incident postmortem. Here are six lessons security teams should copy, from secrets scanning to key rotation.
After the CISA GitHub leak, the agency published a candid incident postmortem. Here are six lessons security teams should copy, from secrets scanning to key rotation.
Highlights from the largest ever BSidesSF, which brought cybersecurity professionals together to face the new issues AI brings, advanced threat actors, and scaling security.
If you need to keep your data on your network but still want the power and convenience of GitGuardian, we've got you covered.
This month we dive into CVE-2024-27198 for JetBrains TeamCity and the controversy surrounding the patching process that contributed to it being exploited in the wild.
EO 14028 is bringing a lot of new security documentation requirements with it. Here's how SCA can help with creating that documentation.
Explore insights from PHP experts who gathered from all around the world to discuss web development innovations, embracing change, and securely maintaining our code.
Don't let zombies haunt your security posture.
Open-source software security is crucial in today's cloud-native world. Learn about vulnerabilities, dependencies, and tools to improve security in this in-depth blog post.
Dive into our highlights from HackSpaceCon 2024, covering red teaming, AI, and securing critical infrastructure to prepare for ever-evolving cyber threats.
In this new series, CJ May shares his expertise in implementing secure-by-design software processes. The second part of his DevSecOps program is all about implementing secure-by-design software pipelines.
Fully understanding open-source licenses is crucial for your projects and organization. Let's look at where these licenses come from and how they can impact your applications.
Business intelligence company Sisense has seen secrets compromised in its GitLab repositories, leading to a siphoning of its customers' sensitive data.
SBOMs are security analysis artifacts becoming required by more companies due to internal policies and government regulation. If you sell or buy software, you should know the what, why, and how of the SBOM.