Latest Blogs

Cloud Security Insights, Thoughts, and Ideas

2 Min Read
Announcements and Highlights: Threat Stack at AWS re:Invent 2014

Kristin Dziadul

November 20, 2014

We just returned from a great week in Las Vegas, NV for the AWS re:Invent Conference. The conference brought together over 13,500 developers, ...

5 Min Read
Bringing Infosec Into The DevOps Tribe: Q&A With Gene Kim

Pete Cheslock

October 8, 2014

Last week, I had a call with Gene Kim, founding CTO of Tripwire and author of The Phoenix Project (see end of post for more details). I've known ...

3 Min Read
CVE-2014-6271 And You: A Tale Of Nagios And The Bash Vulnerability

Jen Andre

September 25, 2014

The internet is yet again feeling the aftereffects of another “net shattering” vulnerability: a bug in the shell ‘/bin/bash’ that widely ...

4 Min Read
8 Patterns For Continuous Code Security

Chris Wysopal

August 6, 2014

Guest post by Chris Wysopal, CTO at Veracode  ...

3 Min Read
Who Gets Access to Production?

Sam Bisbee

July 23, 2014

This is the third installment in our new series of weekly blog posts that dives into the role of SecDevOps. This series looks into why we need it in ...

4 Min Read
The Case for Continuous Security

Pete Cheslock

July 16, 2014

This is the second post in our new series of weekly blog posts that dives into the role of SecDevOps. This series looks into why we need it in our ...

3 Min Read
Cloud Security Is Always Your Responsibility

Jen Andre

December 18, 2013

Too many times we hear and read about how insecure the cloud is or worse — that the cloud is already secure because IaaS providers have security ...