"The PCI DSS security requirements apply to all system components included in or connected to the cardholder data environment."
The cardholder data environment (CDE) is comprised of people, processes and technologies that store, process or transmit cardholder data or sensitive authentication data. "System...
Kubernetes has become the de facto operating system of the cloud. This rapid success is understandable, as Kubernetes makes it easy for developers to package their applications into portable microservices. However, Kubernetes can be challenging to operate. Teams often put off addressing security processes until they...
By creating a Secure Devops workflow that integrates security, compliance and monitoring, organizations can accelerate deployment and confidently run container workloads in production on OpenShift with Sysdig, whether SaaS or on-premises.
This definitive guide for security and compliance on Red Hat OpenShift...
Contact-tracing apps are continuing to take shape around the world as the COVID-19 pandemic continues. Using privacy-by-design principles is critical to building trust in these apps, says privacy expert Ann Cavoukian.
Never store hardcoded credentials in code uploaded to public-facing GitHub repositories, and make sure none of your business associates are doing that. Those are just two takeaways from a new report that describes how nine organizations were inadvertently exposing health records for at least 150,000 patients.
Security teams need to plan and prepare for a consistent security and compliance posture across a larger, more fluid ecosystem in the cloud. To cover the additional attack surface, it's important to know all the nooks and crannies, and what operates within them. One of these operators are the App Dev teams that...
The world of application development has undergone significant change in recent years with the move from on-premises infrastructure to public clouds, adoption of new methodologies such as DevOps, and the introduction of new tools such as Kubernetes and Serverless.
This Aberdeen Research Report explores the challenges...
Over the past years, Cybersecurity has evolved from a technical challenge for the IT Security Division of businesses to a major concern for business leaders.
Cybersecurity incidents cause massive damage to organizations from small businesses to global leaders. Understanding the current status of attacks across the...
Security teams need to plan and prepare for a consistent security and compliance posture across a larger, more fluid ecosystem in the cloud. To cover the additional attack surface, it's important to know all the nooks and crannies, and what operates within them. One of these operators are the App Dev teams that...
To achieve better network visibility, security practitioners must improve their knowledge of tools that support web services, containers and the evolution of development practices, says Ed Moyle, co-founder of the cybersecurity advisory firm Security Curve.
DevSecOps is in its "awkward teenage years," says Matthew Rose of Checkmarx. But with new tooling and automation - particularly application security testing tools - he sees the practice maturing quickly and delivering improved outcomes.
Many governments are pursuing contact-tracing apps to combat COVID-19, but such projects risk subjecting populations to invasive, long-term surveillance - as well as insufficient adoption - unless they take an open, transparent and as decentralized approach, says cybersecurity expert Alan Woodward.
As businesses face pressure to release software faster, security is unfortunately not keeping pace, says Anthony Bettini of WhiteHat Security, who reviews DevSecOps challenges.
RSA 2020 touched on a number of topics, including the security of elections and supply chains, plus AI, zero trust and frameworks, among many others. But from sessions on cryptography, to this year's lower attendance, to the antibacterial dispensers dotted around venues, concerns over COVID-19 also dominated.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing careersinfosecurity.co.uk, you agree to our use of cookies.
