How CISOs really feel about microservices, containers, and Kubernetes
| | The Brief | - While Docker containers have become an essential technology for microservices and auto-scaling in CI/CD pipelines, they've introduced risks that software teams need to understand better and mitigate. Learn the Best Practices for Docker Container Security for deploying microservices securely.
- "More than half of connected medical devices and IoT platforms in hospitals operate with a known critical vulnerability." Shifting security left in the development of medical device software could help identify and mitigate vulnerabilities like these. Creating a system-level threat model (as required by the FDA) can mitigate vulnerabilities like these.
- A $5M grant by Microsoft and Google to the Open Source Security Foundation (OpenSSF) speaks to the critical importance of 3rd-party software risk every enterprise is facing today. The grant will fund a two-part project that aims to scale vulnerability testing of the top 200 projects every year while running automated testing on an additional 10,000 projects.
| | | | | | Happenings | 30-Minute Threat Model While threat modeling is an incredibly useful process, it can also be intimidating. In this webinar, watch a short threat model of a feature in one of our CMD+CTRL applications to see firsthand how threat modeling can benefit your SDLC. Monday, February 7th at 2:00pm EST Tuesday, February 8th at 1:00pm EST Cloud Application Authentication and Access Control Vulnerabilities Watch as we dive deep into three common vulnerabilities found in the cloud –plus get a live look at the real-world effects of these vulnerabilities using one o four cloud-focused cyber ranges. Wednesday, February 9th at 1:00pm EST The Primary Colors of Cybersecurity: Red, Blue and Purple Teams Teaching dev and operations teams to think both offensively and defensively positions them for improved cybersecurity. Join this talk to hear industry experts explain the tremendous value of using attack and defend tactics. Friday, February 4th at 1:00pm EST Friday, February 11th at 1:00pm EST Defending Against Live MITRE ATT&CKs See firsthand how attackers can exploit the OWASP Top Ten and other vulnerabilities to break into applications and systems - and learn defensive techniques that can help to immobilize them. Thursday, February 10th at 1:00pm EST | | | | | | It's been nearly nine months since the White House released its executive order on improving US cybersecurity. Since then, three-quarters of respondents to a recent survey reported their fiscal 2022 IT security budgets had been increased to meet the requirements. | | | | | | | | |
No comments:
Post a Comment