Best practices

A collection of 26 posts

How to make security policies a team effort

How to make security policies a team effort

Mark Bichon from Bearer, the SAST solution for mapping sensitive data flows, shares some essential tips to create security policies that don't feel like a development slowdown.

AWS IAM Security Best Practices

AWS IAM Security Best Practices

Identity and access management is a pillar of security. With the advent of the cloud, it got a lot more complicated. Here is a recap of the best practices to put in place to secure AWS IAM.

9 Extraordinary Terraform Best Practices That Will Change Your Infra World

9 Extraordinary Terraform Best Practices That Will Change Your Infra World

This "best practices" article aims to tell you something you haven't read a hundred times. This article won't give you the answer to everything because there isn't one right answer that fits all. It aims to make you think about your unique situation and make the best decisions in accordance.

Securing Containers with Seccomp: Part 2

Securing Containers with Seccomp: Part 2

This tutorial will guide you through the setup of a GitHub Action generating a Seccomp filter for your application, a cutting-edge security feature for hardening containerized workloads.

Mackenzie Jackson, GitGuardian: “code security needs to be a layered approach”

Mackenzie Jackson, GitGuardian: “code security needs to be a layered approach”

Security should be something that companies implement into the software development lifecycle as early as possible. It should be a consideration at every step of development, from design and through to deployment and every incremental change made thereafter.

Data Breach: a 5 Steps Response Plan

Data Breach: a 5 Steps Response Plan

A data breach is one of the worst scenarios in today’s enterprise security. What’s your plan to remediate this kind of situation, minimize the impact, and ensure business continuity? Although there is no such thing as a one-size-fits-all tactic, the following steps are crucial to a positive outcome.

CI Pipelines: 5 Risks to Assess

CI Pipelines: 5 Risks to Assess

More and more parts of the software development process can occur without human intervention. However, this is not without its drawbacks. To keep your code and secrets safe, you should add the following security practices to your CI pipeline.

Security in Infrastructure as Code with Terraform — Everything You Need to Know

Security in Infrastructure as Code with Terraform — Everything You Need to Know

With DevOps, we try to manage our infrastructure using pure code. Since all our infrastructure is managed by code, the security of the code that actually manages the infrastructure is crucial. This article looks at how we can keep our infrastructure as code secure.

Best practices for managing and storing secrets including API keys and other credentials  [cheat sheet included]

Best practices for managing and storing secrets including API keys and other credentials [cheat sheet included]

Storing and managing secrets like API keys and other credentials can be challenging, even the most careful policies can sometimes be circumvented in exchange for convenience. We have compiled a list of some of the best practices to help keep secrets and credentials safe.

8 steps to keep remote development teams secure

8 steps to keep remote development teams secure

There is no doubt that the world's workforce is becoming more remote, particularly in tech as developers can now work from any location in the world. But there are a large number of new obstacles that come with this. The most pressing is security.

arrow-down