All Things Compliance
5 Min Read Updated November 21, 2018
3 Reasons Why the Host Rules Cloud IDS
To truly appreciate why companies like Threat Stack point to the Cloud as a watershed event in their corner of the software industry, one must push past the hype and worn platitudes about “the Cloud with a capital C.” The reality is that it is the side effects that have caused such a large impact, […]
3 Min Read December 11, 2014
Deconstructing Shellshock To Prepare For the Next One
Yesterday, our Co-Founder and Chief Scientist, Jen Andre, and CEO, Doug Cahill, hosted a live webinar, “Preparing for the Next Shellshock.” Shellshock is the most notable and destructive vulnerability to date, and alongside POODLE and Heartbleed, 2014 has now been deemed the year with the most reported vulnerabilities in history.
4 Min Read November 24, 2014
4 Steps To Effectively Integrate DevOps Workflows With Cloud Security Practices
I’ve spent most of my career in Operations, and the last 5 years at various organizations advocating and instilling DevOps principles in the teams I work with. One thing I’ve noticed is that most companies value speed over security, which has traditionally been a blocker in delivering software. Recently, however, with more and more breaches […]
3 Min Read July 23, 2014
Who Gets Access to Production?
This is the third installment in our new series of weekly blog posts that dives into the role of SecDevOps. This series looks into why we need it in our lives, how we may go about implementing this methodology, and real life stories of how SecDevOps can save the Cloud.
4 Min Read July 16, 2014
The Case for Continuous Security
This is the second post in our new series of weekly blog posts that dives into the role of SecDevOps. This series looks into why we need it in our lives, how we may go about implementing this methodology, and real life stories of how SecDevOps can save the Cloud.
3 Min Read December 18, 2013
Cloud Security Is Always Your Responsibility
Too many times we hear and read about how insecure the cloud is or worse — that the cloud is already secure because IaaS providers have security groups and protection capabilities. These ideologies are all too common and far too wrong. By using outsourced cloud infrastructure, you are only outsourcing your infrastructure, not your security. Security is always your responsibility. […]