DevSecOps
![CVE of the month, the supply chain attack hidden for 10 years CVE-2024-38368](https://cdn.statically.io/img/securityboulevard.com/wp-content/plugins/pt-content-views-pro/public/assets/images/lazy_image.png)
CVE of the month, the supply chain attack hidden for 10 years CVE-2024-38368
For over a decade, a massive vulnerability that could have unleashed a huge supply chain attack lay dormant. Luckily the good guys found it first or so it seems. This month we ...
![vulnerabilities, servers, vulnerability, Linux, vulnerability management, risk-based, vulnerabilities third-party supply chain Okta endpoint security](https://cdn.statically.io/img/securityboulevard.com/wp-content/plugins/pt-content-views-pro/public/assets/images/lazy_image.png)
Latest OpenSSH Vulnerability Might Impact 14M Linux Systems
Qualys this week reported the discovery of a Remote Unauthenticated Code Execution (RCE) vulnerability in OpenSSH servers (sshd) that could potentially impact more than 14 million Linux systems ...
![Finding leaked credentials in Docker images - How to secure your Docker images](https://cdn.statically.io/img/securityboulevard.com/wp-content/plugins/pt-content-views-pro/public/assets/images/lazy_image.png)
Container Security Scanning: Vulnerabilities, Risks and Tooling
Container security is crucial in the age of microservices and DevOps. Learn about common container vulnerabilities, container security scanning, and popular tools to secure your containers in this comprehensive guide ...
MISRA validation on FreeRTOS
Parts of the FreeRTOS kernel are MISRA 2012 compliant (details are here). I am quite impressed with the work done to make a project originally written without MISRA in mind MISRA-compliant. They used ...
![Introducing GitGuardian's Advanced Jira Cloud integration](https://cdn.statically.io/img/securityboulevard.com/wp-content/plugins/pt-content-views-pro/public/assets/images/lazy_image.png)
Unlocking the Full Potential of GitGuardian: Empowering Developers In Code Security
Improve workflows with collaborative incident management to minimize vulnerabilities and enhance productivity with GitGuardian while empowering developers via ggshield ...
![CVE of the month, CheckPoint Security Gateway exploit CVE-2024-24919](https://cdn.statically.io/img/securityboulevard.com/wp-content/plugins/pt-content-views-pro/public/assets/images/lazy_image.png)
CVE of the month, CheckPoint Security Gateway exploit CVE-2024-24919
This month we dive into CheckPoints CVE-2024-24919 to explain what this vulnerability does and why we have seen it being used in the wild already! ...
![Why SAST + DAST can't be enough](https://cdn.statically.io/img/securityboulevard.com/wp-content/plugins/pt-content-views-pro/public/assets/images/lazy_image.png)
Why SAST + DAST can’t be enough
Static and dynamic app testing are cornerstones for any comprehensive AppSec program, yet they rarely rise up to the challenges of fully securing modern software. Discover why secrets are one of their ...
![CircleCI talent cybersecurity](https://cdn.statically.io/img/securityboulevard.com/wp-content/plugins/pt-content-views-pro/public/assets/images/lazy_image.png)
The Role of DevSecOps in Enhancing CNAPP Efficiency
Incorporating DevSecOps into CNAPP strategies can improve the way organizations develop and secure their applications ...
![Securing mission critical containers against exploitation](https://cdn.statically.io/img/securityboulevard.com/wp-content/plugins/pt-content-views-pro/public/assets/images/lazy_image.png)
Pipeline Integrity and Security in DevSecOps
Last episode of C.J. May's series on implementing a DevSecOps program: how to harden your software delivery pipelines to maintain robust security measures ...
![Secrets detected on GitHub by year](https://cdn.statically.io/img/securityboulevard.com/wp-content/plugins/pt-content-views-pro/public/assets/images/lazy_image.png)
How to Use Git Secrets for Better Code Security
You know that sinking feeling after you hit “commit”? That moment when you suddenly wonder, “Wait, did I just accidentally expose an API key or hardcode The post How to Use Git ...