Operations | Monitoring | ITSM | DevOps | Cloud

Vulnerability Remediation: Automate VR Workflows with Puppet

Apr 23, 2025 By Perforce Puppet In Puppet
Secure and resilient infrastructure is non-negotiable. Puppet Enterprise Advanced automates critical tasks like patching, configuration management, and compliance, strengthening your security posture and bridging the gap between security and operations. Deploy essential updates quickly, minimizing threats and maximizing efficiency.
View Video
puppet

Why Puppet Vulnerability Remediation is a Game-Changer for Enterprise Infrastructure Ops

Apr 22, 2025 By Puppet In Puppet
Effective vulnerability management has become a growing priority for organizations. Aided in part by AI, threats and vulnerabilities grow in speed and sophistication while IT environments become more complex. The skill gap for cybersecurity keeps widening (further worsened by a sprawling toolkit), exposing critical systems to exploitation. Managing secure infrastructure manually just isn’t possible at the scale and speed today’s enterprises demand.
Read Post
circleci

Automating vulnerability scanning for Gradle dependencies with CircleCI

Apr 22, 2025 By Hangga Aji Sayekti In CircleCI
Detecting dependency vulnerabilities in a Gradle-based project is crucial because it prevents applications from using libraries (dependencies) with security holes. Imagine an application as a house. Each dependency, or library used in the project, is like building material (such as wood, glass, or bricks). If there’s a flawed or easily penetrable material, the house can become unsafe, such as being more vulnerable to thieves or collapsing during an earthquake.
Read Post
cloudsmith

OWASP CI/CD Top 10: Inadequate Flow Control in CI/CD Pipelines

Apr 17, 2025 By Nigel Douglas In Cloudsmith
With the recent shake-up around CVE funding and broader questions about long-term support for cybersecurity infrastructure, one thing is clear: controlling what you can is more important than ever. This is abundantly clear in modern software development practices which rely heavily on CI/CD systems, which in turn serve as the primary conduit from a developer’s local environment to production.
Read Post
cloudsmith

Cloudsmith introduces EPSS Scoring in Enterprise Policy Management (EPM)

Apr 2, 2025 By Nigel Douglas In Cloudsmith
Cloudsmith’s Enterprise Policy Management (EPM) now supports the Exploit Prediction Scoring System (EPSS), a data-driven metric designed to estimate the probability of a software vulnerability being exploited in the wild. Using EPM in Cloudsmith, you can now use a package’s EPSS score to inform your package workflows, including those around Package Promotion and Package Quarantine.
Read Post
Understanding Zero Day Malware: The Invisible Threat

Understanding Zero Day Malware: The Invisible Threat

Apr 2, 2025 By OpsMatters In OpsMatters
In today's rapidly evolving digital landscape, cybersecurity threats continue to grow in both sophistication and impact. Among these threats, zero day malware stands out as particularly dangerous because it exploits previously unknown vulnerabilities in software or hardware. These vulnerabilities, known as "zero day vulnerabilities," have not yet been patched by vendors, leaving systems completely exposed with no existing defenses. This creates a critical window of opportunity for attackers to compromise systems before security teams can respond.
Read Post
canonical

Securing Software Supply Chains: New Research Highlights Industry Vulnerabilities

Mar 31, 2025 By Hugo Huang In Canonical
New IDC study, co-sponsored by Canonical and Google Cloud, reveals the challenges and opportunities for organizations securing their software supply chains. Today, Canonical and Google Cloud released findings from a joint research project conducted by the International Data Corporation (IDC) that sheds light on the critical challenges organizations face in securing their software supply chains. The report, “The State of Software Supply Chains.
Read Post

Part 1: Solving the Top 10 Problems with Vulnerability Management | Security Insights, Ep. 49

Mar 25, 2025 By Ivanti In Ivanti
We promised we'd come back with the solutions to all your vulnerability management problems, so here we are. Plus, we're counting down in unranked order *and* starting from on our list, just to keep you on your toes. Ivanti's Chris Goettl and Robert Waters will go through how you can address resource constraints, siloed tools and data, limited attack surface visibility, inaccurate view of exposures and data overload.
View Video

Copyright © 2026 OpsMatters™. All rights reserved.