ArtiPACKED: Hacking Giants Through a Race Condition in Github Actions Artifacts
Research reveals how GitHub Actions artifacts in CI/CD workflows can leak tokens, granting malicious actors high-level cloud access and enabling severe consequences.
Palo Alto Networks
DevOps
Drive Towards Preventing Breaches and Pipeline Attacks with Prisma Cloud
CI/CD pipeline and developer-friendly code security integrated into an intelligent code-to-cloud CNAPP provides unmatched visibility and control for A...
All the Small Things: Azure CLI Leakage and Problematic Usage Patterns
Developer usage patterns with Azure CLI may leak sensitive data in CI/CD logs when used in public repositories, potentially exposing critical information.
Announcement, Cloud Native Application Platform, Cloud Security, DevOps, DevSecOps, Must-Read Articles
Cloud-Native Security Survey: Patterns and Tipping Points in New Report
2023 Cloud security survey offers new data highlighting challenges faced by cloud security professionals and posing risk...
How to Think About DevSecOps for a Secure Future
Despite the technological advances of recent years (or perhaps because of them), the number of threats on the internet continues to rise. In fact, a 2022 survey from ThoughtLab found that the number of breaches...
It’s Not All Bad! Using Cloud Drift for Teachable Moments
Stack Overflow’s 2021 Developer Survey found that 54% of developers use AWS, yet only 7% use Terraform. That means that far more developers have adopted provisioning, managing and decommissioning cloud infrastr...
From Manifest to Workload: Embedding Kubernetes Security at Each Phase of t...
Part of the answer is to identify and address security risks within the various components of Kubernetes itself as well as their configurations. You can do this by, for example, va...
New: More Cloud NGFW Scalability Across Multiple AWS VPCs
Announcing the Multi-VPC Cloud NGFW resource in Cloud NGFW for AWS, which allows you to share the same resource across multiple virtual private clouds (VPCs).
See The Latest Software Firewall Developments at AWS re:Invent 2022
Join us in-person in Las Vegas for AWS re:Invent - you won’t want to miss software firewall best practices for securing applications and workloads in the cloud.
Addressing Security Throughout the Infrastructure DevOps Lifecycle
Learn how to address cloud security at each step of the infrastructure development lifecycle, from infrastructure as code in your IDE to running cloud resources.
CN-Series Container Firewall Now Supported on Oracle Kubernetes Engine
Announcing CN-Series on Oracle Kubernetes. Gain best-in-class network security for containers and boost security productivity.
How Cybersecurity Transformation Unlocks Innovation and Brand Growth
Comprehensive cybersecurity transformation enables and improves operational resilience. It evolves, meets security challenges across the enterprise.
How Does DevSecOps Fit Into Your Digital Transformation?
Going digital and embarking on a digital transformation is hard enough without having to rethink your entire security strategy. By weaving security into the fabric of your company's digital identity, you can ca...
The DevSecOps Revolution Is Here: What Is DevSecOps & How Can It Boost ...
DevSecOps is the practice of automating and integrating security into every stage of the software development lifecycle. This philosophy introduces a security-focused direction, al...
3 Simple Techniques to Add Security Into the CI/CD Pipeline
Three approaches using a minimal footprint for DevOps and security teams to add security into the CI/CD pipeline.
Cloud Native Security: Intention vs. Practice
Comparing the results of our State of Cloud Native Security Report with threat research from Unit 42 reveals three interesting parallels.
How Prisma Cloud Secures Cloud Native App Development with DevOps Plugins
Prisma Cloud has many DevOps plugins to detect insecure configurations in IaC templates and vulnerabilities in container images.
Uniting Dev and Sec Teams by Putting Security First
Many companies are still struggling to “shift left,” despite its known advantages. Fortunately, there are actionable steps that companies can take to help facilitate this cultural shift and get all teams involv...
4 Practical Steps for 'Shift Left' Security
In its most simple terms, “shift left” security is moving security to the earliest possible point in the development process.
How Are You Tackling Cloud Compliance?
Can you demonstrate cloud compliance without overworking your teams in the process?
Focus on Security First, Before Coding the Next Feature Set
Before you start working on the next set of product features, I implore you to do a security assessment.
Subscribe to the Blog!
Sign up to receive must-read articles, Playbooks of the Week, new feature announcements, and more.
By submitting this form, you agree to our Terms of Use and acknowledge our Privacy Statement. Please look for a confirmation email from us. If you don't receive it in the next 10 minutes, please check your spam folder.