Security | News, how-tos, features, reviews, and videos
Every day, software developers implicitly trust software packages, container images, dependency maintainers, repository operators, and build systems that we don’t know anything about. It’s the opposite of Zero Trust.
Identity, trust, and trust sharing are indispensable to our belief in the validity of the services we interact with on the internet.
Most of us picture cloud security threats as bad actors in some hostile country. More often, it’s you and your coworkers.
All the security funding in the world won’t help if you don’t train your people to patch your software.
The public cloud has better security than your data center, so you're likely to see more attacks on legacy systems to gain access to cloud data. Here’s how to fight back.
The Okta developer advocate and JHipster evangelist discusses Java and JavaScript development, monoliths and microservices, software scaling vs. people scaling, and making security friendlier for developers.
State of Kubernetes Security report indicates security is a roadblock for organizations adopting Kubernetes, containers, and a cloud-native ecosystems, though devsecops adoption is on the rise.
Open source Tracee uses Linux eBPF technology to trace system and applications at runtime, and analyzes collected events to detect suspicious behavioral patterns.
GitHub’s supply chain security features including the advisory database, Dependabot alerts, and dependency graph are now available for Rust Cargo files.
Security zones keep your applications and their data safe from bad actors and can help limit the impact of a security breach.