Command injection is a kind of cyber attack that allows an attacker to execute arbitrary commands on a system. Attackers accomplish this by exploiting vulnerabilities in an application’s input validation process.

Access control is a security mechanism that regulates who has access to sensitive data, resources, and systems. It ensures that only authorized users can access sensitive data and activities while keeping unauthorized users out. Access control is critical for protecting sensitive data such as personally identifiable information (PII), financial information, and intellectual property.

Securing sensitive data is crucial for any application, but managing this data can be complex and error-prone. Docker secrets provide a reliable and secure way to handle sensitive information like passwords, API keys, and certificates in your Docker environment. In this introductory guide, we’ll explore what Docker secrets are, how to use them with practical examples, and share some best practices to help you safeguard your sensitive data effectively.

If you’re part of a software engineering team in digital health, medtech, medical devices, Software as a Medical Device (SaMD), etc. you have to comply with regulatory standards. And one of the biggest challenges engineering leads have in this sector is figuring out what they have to do to achieve software delivery compliance.

Hello, and welcome to the April edition of the changelog. The weather is finally starting to stabilize and resembles one rather than all the seasons. Parks are full of colors and goslings, and at Kosli we’re as busy as ever, so let’s get right into it.

Have you ever had to debug an environment and found it hard to understand exactly what had changed? In the worst case scenarios you have to figure this out during high-pressure situations, like when an outage or regression has happened. Digging through platform logs and cloud consoles is a real nightmare, and it’s often futile because the information has disappeared.

The EO 14028 regarding supply chain security and the need to generate a Software Bill of Materials feels closer to more and more organizations. It might feel like a threat - and that’s a fair feeling. The whole topic of Billing of Materials is not new, but it is a relatively recent trend for software.

Your code base is growing more and more by the minute alongside the apps your business uses and develops. To give some context, the Linux Foundation Report estimated that “Free and Open Source Software (FOSS) constitutes 70-90% of any given piece of modern software solutions”. This means that 70-90% of your final software possibly depends on OSS.

Hello, and welcome to the March edition of the changelog. Spring is on her way, days are now longer than nights (at least in the northern hemisphere where me and my Kosli colleagues reside) and new Kosli features are popping up like snowdrops. We have the latest release of the CLI and a bunch of other stuff to share with you, so let’s get right into it.