Guest Expert, Author at Security Boulevard
https://securityboulevard.com/author/guest-expert/
The Home of the Security Bloggers Network

Vulnerability Management Lifecycle in DevSecOps
https://securityboulevard.com/2024/03/vulnerability-management-lifecycle-in-devsecops/
Wed, 27 Mar 2024 18:55:39 +0000
In this new series, CJ May shares his expertise in implementing secure-by-design software processes that empower engineering teams.
The first stage of his DevSecOps program: vulnerability management.

The post Vulnerability Management Lifecycle in DevSecOps appeared first on Security Boulevard.

How To Respond To An AWS Key Honeytoken Trigger: A Detailed Guide
https://securityboulevard.com/2024/03/how-to-respond-to-an-aws-key-honeytoken-trigger-a-detailed-guide/
Thu, 21 Mar 2024 16:57:00 +0000
Learn how to effectively respond to an AWS key honeytoken trigger with this step-by-step guide. Investigate the incident, identify the leak source, secure your environment, and leverage OSINT techniques to protect your AWS infrastructure.

A Guide to Cloud Security Posture Management (CSPM)
https://securityboulevard.com/2024/02/a-guide-to-cloud-security-posture-management-cspm/
Wed, 28 Feb 2024 18:54:06 +0000
What is CSPM? Cloud Security Posture Management is about identifying and remediating security misconfigurations and risks in Infrastructure as a Service (IaaS) or Platform as a Service (PaaS) environments.

How to Handle Mobile App Secrets
https://securityboulevard.com/2024/02/how-to-handle-mobile-app-secrets/
Fri, 23 Feb 2024 16:00:10 +0000
Learn why storing secrets in mobile apps is a major security risk, how to manage user and developer secrets properly, and why client-side secrecy is impossible. Find out the best practices for securing mobile app secrets and protecting your data.

How SAST Tools Secure AI-generated Code
https://securityboulevard.com/2024/02/how-sast-tools-secure-ai-generated-code/
Mon, 19 Feb 2024 10:22:38 +0000
As AI continues to reshape how code is written and managed, the emphasis on vigilant, security-conscious development practices becomes increasingly crucial. SAST stands as a critical tool in ensuring that the efficiencies gained through AI do not come at the cost of security and reliability.

Securing The Software Delivery Pipeline With Honeytokens
https://securityboulevard.com/2024/02/securing-the-software-delivery-pipeline-with-honeytokens/
Wed, 14 Feb 2024 17:06:13 +0000
Discover how honeytokens enhance security by detecting breaches in real-time across the software development lifecycle. Learn how to deploy these decoy credentials and traps effectively, bolstering defenses against cyber threats.

Understanding Broken Object Level Authorization (BOLA) Vulnerability in API Security
https://securityboulevard.com/2024/02/understanding-broken-object-level-authorization-bola-vulnerability-in-api-security/
Wed, 14 Feb 2024 16:49:59 +0000
Explore Broken Object Level Authorization (BOLA), its implications, how it can be exploited, and how to secure your applications against it.

Pulumi VS Terraform: The Definitive Guide to Choosing Your IaC Tool
https://securityboulevard.com/2024/02/pulumi-vs-terraform-the-definitive-guide-to-choosing-your-iac-tool/
Mon, 05 Feb 2024 13:18:00 +0000
In this blog, we do a deep dive into Pulumi vs. Terraform (and briefly touch on the mechanism of AWS CDK/CDK for Terraform, for that matter).

Terraform Project for Managing Vault Secrets in a Kubernetes Cluster
https://securityboulevard.com/2024/01/terraform-project-for-managing-vault-secrets-in-a-kubernetes-cluster/
Mon, 29 Jan 2024 11:17:42 +0000
This article uses Kubernetes Secrets as a native Kubernetes component for handling sensitive data at container runtime and Vault as a trusted storage and maintenance solution for sensitive data.

Application Security Posture Management with GitGuardian and ArmorCode
https://securityboulevard.com/2024/01/application-security-posture-management-with-gitguardian-and-armorcode/
Tue, 02 Jan 2024 12:58:30 +0000
Managing GitGuardian Findings as Part of a Complete Risk-Based Software Security Program with ArmorCode ASPM.
