%term

OWASP CI/CD Part 5 - Insufficient PBAC

Jun 6, 2025 By Nigel Douglas In Cloudsmith

One of the more overlooked yet critical vulnerabilities highlighted in the OWASP Top 10 for CI/CD Security Risks is Insufficient PBAC (Pipeline-Based Access Controls). Let’s unpack what PBAC is, why it's essential, and how you can leverage modern access control tools like Open Policy Agent (OPA) and Rego to mitigate these risks effectively.

Read Post

Cloudsmith

Read more about OWASP CI/CD Part 5 - Insufficient PBAC

Secure Docker Image Pulls from Cloudsmith to Kubernetes using OIDC

Jun 6, 2025 By Ian Duffy In Cloudsmith

Pulling Docker images from private registries for containerised applications presents a security challenge. It requires authentication management, network access, and trust across distributed systems. Credentials must be securely handled and rotated, and image pulls can break due to network restrictions or expired tokens. All of this makes deployment and security harder.

Read Post

Cloudsmith

Read more about Secure Docker Image Pulls from Cloudsmith to Kubernetes using OIDC

Docker Hardened Images & Cloudsmith: Modern Security for the Software Supply Chain

Jun 6, 2025 By Maia Livingstone In Cloudsmith

Explore how Docker and Cloudsmith help secure the software supply chain with SBOMs, signatures, provenance, and hardened images - enabling end-to-end visibility and trust without slowing development.

Read Post

Cloudsmith

Read more about Docker Hardened Images & Cloudsmith: Modern Security for the Software Supply Chain

AI + Dark Mode: Introducing AI-Powered Insights and The Long Awaited Dark Mode

Jun 6, 2025 By Adnan Rahic In ObservIQ

Join the live stream at 11 am ET, here. Launch Week’s Friday drop delivers two of the most-requested upgrades we’ve ever shipped: Together, they turn Bindplane into a cooler , and smarter , place to manage observability and SecOps telemetry. A full suite of extensive AI features will be rolling out over the coming weeks. This is just the beginning!

Read Post

ObservIQ

Read more about AI + Dark Mode: Introducing AI-Powered Insights and The Long Awaited Dark Mode

Revolutionizing User Experience with Agentic AI

Jun 6, 2025 By Ivanti In Ivanti

Revolutionizing User Experience with Agentic AI Agentic AI integration creates prompt-driven interfaces that simplify access to information and ticketing for users. AI incident correlation reduces service downtime, boosting productivity. Ring deployment automates patch management for controlled updates, while lifecycle management of gateways enhances security. Autonomous endpoint management tackles time and data challenges, leading to more efficient operations. The focus is on leveraging technology to innovate and optimize resources.

View Video

Ivanti

Read more about Revolutionizing User Experience with Agentic AI

What is CMMC compliance?

Jun 6, 2025 By Henry Coggill In Canonical

The Cybersecurity Maturity Model Certification, or CMMC for short, is a security framework for protecting Controlled Unclassified Information (CUI) in non-federal systems and organizations. The CMMC compliance requirements map to the set of controls laid out in the NIST SP 800-171 Rev 2 and NIST SP 800-172 families.

Read Post

Canonical

Read more about What is CMMC compliance?

Where creativity and code collide: Top Down with Adhish Thite

Jun 6, 2025 By Jeanetta Clement In Elastic

Inside an AI engineer’s creative workspace.

Read Post

Elastic

Read more about Where creativity and code collide: Top Down with Adhish Thite

Monitoring ECS Metrics: A Guide for Developers and Operations Teams

Jun 6, 2025 By Krish Chandra In eG Innovations

For anyone leveraging cloud computing, Amazon Elastic Container Service (ECS) continues to provide a seamless solution for managing containerized applications. AWS Fargate takes this cloud-native architecture a step further by allowing you to run containers without servers or clusters. As a serverless offering for ECS, Fargate provisions compute capacity and scales it based on demand.

Read Post

eG Innovations

Read more about Monitoring ECS Metrics: A Guide for Developers and Operations Teams

vmagent: Key Features Explained in Under 15 Minutes

Jun 6, 2025 By Phuong Le In VictoriaMetrics

This discussion is a part of the Basic Series serving as the starting point to quickly get you started with VictoriaMetrics. vmagent is a lightweight metrics collection agent that acts as a bridge between your applications and monitoring storage systems like VictoriaMetrics.

Read Post

VictoriaMetrics

Read more about vmagent: Key Features Explained in Under 15 Minutes

IPL: How to create lists with ipl-web

Jun 6, 2025 By Sukhwinder Dhillon In Icinga

In my previous blog post, I explained how to build lists using ipl-web widgets. That method will soon be deprecated due to its complexity. With the recent ipl-web release, we have introduced a simpler and more flexible approach to building lists, using a lightweight rendering interface and a single class, as described below.

Read Post

Icinga

Read more about IPL: How to create lists with ipl-web

Operations | Monitoring | ITSM | DevOps | Cloud

OWASP CI/CD Part 5 - Insufficient PBAC

Secure Docker Image Pulls from Cloudsmith to Kubernetes using OIDC

Docker Hardened Images & Cloudsmith: Modern Security for the Software Supply Chain

AI + Dark Mode: Introducing AI-Powered Insights and The Long Awaited Dark Mode

Revolutionizing User Experience with Agentic AI

What is CMMC compliance?

Where creativity and code collide: Top Down with Adhish Thite

Monitoring ECS Metrics: A Guide for Developers and Operations Teams

vmagent: Key Features Explained in Under 15 Minutes

IPL: How to create lists with ipl-web

Monthly Archive

Follow Us