Configuration Management

cyber security, internet, hacking-3400555.jpg

DevSecOps best practices to secure cloud-native and microservices-based applications

The National Institute of Standards and Technology (NIST) has issued the NIST SP 800-204C “Implementation of DevSecOps for a Microservices-based Application with Service Mesh.” The guidelines include many best practices on how organizations and secure their CI/CD pipeline and enhance the software delivery processes.

DevSecOps best practices to secure cloud-native and microservices-based applications Read More »

NIST SP 800-204C: Implementation of DevSecOps for a Microservices-based Application with Service Mesh

he National Institute of Standards and Technology (NIST) has issued the NIST SP 800-204C “Implementation of DevSecOps for a Microservices-based Application with Service Mesh.”

NIST SP 800-204C: Implementation of DevSecOps for a Microservices-based Application with Service Mesh Read More »

NSA: New guidance to eliminate obsolete TLS protocols

The National Security Agency (NSA) has issued new guidance to eliminate obsolete Transport Layer Security (TLS) protocol configurations (such as TLS 1.0, TLS 1.1, SSLv2, SSLv3 and weak ciphers).

NSA: New guidance to eliminate obsolete TLS protocols Read More »

CISA: Threat actors behind SolarWinds hack pose ‘grave risk’ (updated)

The Cybersecurity and Infrastructure Security Agency (CISA) has warned the recent compromise by threat actors of SolarWinds poses a ‘grave risk’ to critical infrastructure, government and private sector organizations.

CISA: Threat actors behind SolarWinds hack pose ‘grave risk’ (updated) Read More »