12 matches found
CVE-2026-30836 Step CA: Unauthenticated Certificate Issuance via SCEP UpdateReq (MessageType=18)
Step CA is an online certificate authority for secure, automated certificate management for DevOps. Versions 0.30.0-rc6 and below do not safeguard against unauthenticated certificate issuance through the SCEP UpdateReq. This issue has been fixed in version 0.30.0...
Elastic WAF: Reshaping Application Security for DevOps and Hybrid Environments
We recently discussed Imperva’s vision for the future of application security, where we also covered the Imperva Security Engine. This innovative application security framework is powering up the next generation of Imperva solutions, the first of which is Imperva Elastic WAF. This blog is the fir...
The New Frontline: Why DevOps Became a Cyber Target
Running short on time but still want to stay in the know? Well, we’ve got you covered! We’ve condensed all the key takeaways into a handy audio summary. Our AI-driven podcasts are fit for on the go. Click right here to hear it all on CAASM & CDMB Inefficiencies! Your developers didn't become...
How DevOps Can Move Fast and Stay Secure with TruRisk
Don’t Spend Your Time Fixing Too Many Vulnerabilities In modern DevOps, speed is everything—and so is security. But for most teams, the two feel constantly at odds. The reality? You’re probably spending valuable time fixing vulnerabilities that don’t actually matter. Moreover, there’s always the...
Introducing new Microsoft Defender for Cloud innovations to strengthen cloud-native protections
Security teams face an expanding attack surface as organizations increasingly use cloud-native services to develop, deploy, and manage applications across their multicloud and hybrid environments. Their challenge is compounded by incomplete visibility, siloed processes, and a lack of prioritized...
Introducing new Microsoft Defender for Cloud innovations to strengthen cloud-native protections
Security teams face an expanding attack surface as organizations increasingly use cloud-native services to develop, deploy, and manage applications across their multicloud and hybrid environments. Their challenge is compounded by incomplete visibility, siloed processes, and a lack of prioritized...
Introducing new Microsoft Defender for Cloud innovations to strengthen cloud-native protections
Security teams face an expanding attack surface as organizations increasingly use cloud-native services to develop, deploy, and manage applications across their multicloud and hybrid environments. Their challenge is compounded by incomplete visibility, siloed processes, and a lack of prioritized...
Introducing new Microsoft Defender for Cloud innovations to strengthen cloud-native protections
Security teams face an expanding attack surface as organizations increasingly use cloud-native services to develop, deploy, and manage applications across their multicloud and hybrid environments. Their challenge is compounded by incomplete visibility, siloed processes, and a lack of prioritized...
Workshop: Building Modern Applications with DevOps Security
In this workshop, you’ll learn how to leverage DevOps Security with your serverless applications running on AWS Lambda or containerized applications running on AWS Fargate. Learn how to make cloud security more efficient, proactive, and gain visibility...
Is Your AWS Data Secure and Compliant? Cloud Database Visibility in Minutes
Internal and external attackers are after your data. Regardless of where the data resides, cloud, or on-premises, you need to protect it. In some cases that data needs to be put under compliance controls. Data protection principles hold for data hosted in the cloud database as a service DBaaS. Fo...
NIST Recognizes RASP as Critical to Lowering Risk
The United States Congress ratified the Cybersecurity Framework set forth by the National Institute of Standards and Technology NIST in 2014 to standardize the practices and controls that mitigate constantly evolving cyberthreats. The framework has been adopted by federal and local government...
Trend Micro launches Trend Micro Cloud One™, a leading security services platform for cloud builders
Everything you need for cloud security Today, Trend Micro is excited to announce the launch of Trend Micro Cloud One, our new security services platform for cloud builders. This powerful new platform will help our customers simplify their hybrid and multi-cloud security. Cloud One gives you the...