January 12, 2022
by sjvn01
0 comments
We’re going to be cleaning up Apache Log4j security problems for months to come, but the real problem isn’t that it was open-source software. It’s how we track and use open-source code. When security vulnerabilities were found in the extremely popular … Continue reading
January 12, 2022
by sjvn01
0 comments
Do you want to bring chaos engineering into your cloud and Kubernetes development? In short, do you want to beat up your applications in development before the real world of production gets its chance to knock them around? If so, you’ll be … Continue reading
January 11, 2022
by sjvn01
0 comments
When Palo Alto Networks (PANW) acquired Bridgecrew, the aim was to enable “shift left” security, with Prisma Cloud becoming the first cloud security platform to deliver security across the full application lifecycle. Now, with the release of Smart Fixes, it’s easier to see why PANW paid about … Continue reading
January 10, 2022
by sjvn01
0 comments
It’s not like the four — count ’em, four — Log4j security vulnerabilities aren’t more than just trouble in and of themselves. Just check in with the Belgian defense ministry to see what they have to say about it. Now, the U.S. Federal Trade Commission … Continue reading
January 6, 2022
by sjvn01
0 comments
GraphQL, the open source query language for application programming interfaces (APIs), is very powerful. With great power comes great responsibility, as Spider-Man reminds us, and sometimes developers go badly wrong. And, that’s exactly what happened, according to Salt Security, a leading … Continue reading
January 6, 2022
by sjvn01
0 comments
In 1992, the Berkeley Packet Filter (BPF) was introduced in Unix circles as a new, improved network packet filter. Nice, but not that big a deal. Then, in 2014, it was changed and brought into the Linux kernel as extended BPF (eBPF). Again, … Continue reading