Blog

raygun

Useful tools to manage your application's secrets

When you build and deploy an application, chances are that you need to store some form of secrets. These are typically things like credentials for 3rd party systems and database credentials. As an ASP.NET Core developer, Microsoft provides you with an easy way to store secrets like these in your development environment, namely the Secret Manager.

iopipe

Underscore VC Interview: The Tricks to Designing Data Products

In today’s data-rich world, data products that turn data assets into actionable insights are becoming increasingly valuable. Technologies that help users surface, process, organize, store, share, and act on data have defined a new generation of products. That’s why we sat down with Katie Bayes, a product engineer at IOPipe. Katie has deep experience designing data products, and her advice will prove valuable to any teams designing data products.

tripwire

Multi-Cloud Security Best Practices Guide

A multi-cloud network is a cloud network that consists of more than one cloud services provider. A straightforward type of multi-cloud network involves multiple infrastructure as a service (IaaS) vendors. For example, you could have some of your cloud network’s servers and physical network provided by Amazon Web Services (AWS), but you’ve integrated that with your servers and physical networking that’s provided by Microsoft Azure.

epsagon

Istio: Your Friendly Service Mesh

There is a new hype in the DevOps world: Istio and service meshes. But why exactly is everyone suddenly migrating to Istio? In this post, we will examine whether it actually makes sense to use Istio and in which use cases it may help you (as well as when it’s simply an overkill). But before discussing Istio, we should first introduce the concept of a service mesh.

reciprocity

PCI DSS: Testing Controls and Gathering Evidence

Compliance with the Payment Card Industry Data Security Standard (PCI DSS) is not easy to achieve. Quite the opposite, in fact: A 2017 Verizon report stated that 80 percent of companies fail their PCI DSS assessments, and only 29 percent of those that pass are still compliant after one year. PCI DSS compliance, like information security as a whole, is not a one-and-done process but ongoing. To succeed, your enterprise must be vigilant.

unomaly

Observing Google Cloud Platform Services Best Practices

Google Cloud Platform (GCP), offered by Google, is a suite of cloud computing services that runs on the same infrastructure that Google uses internally for its end-user products, such as Google Search, Gmail and YouTube. Google Cloud Platform provides infrastructure as a service, platform as a service, and serverless computing environments.

detectify

Anne-Marie Eklund Lwinder: "I was good at making others' code stop running very early on."

She’s the CISO of The Internet Foundation of Sweden (IIS) and one of 14 trusted individuals to hold a Key to the Internet, which means the DNSSEC key generation for the internet root zone. Anne-Marie Eklund Löwinder is also one of the few Swedes who have been inducted into the Internet Hall of Fame.

logz.io

Five Tools for User Activity Monitoring

As discussed in our blog post [What is User Activity Monitoring?], user activity monitoring (UAM) is a form of surveillance that provides visibility and insight into employee productivity and engagement while also revealing insider security threats. While UAM on company-owned or company-sanctioned devices and networks is legal, ethical and HR considerations require that UAM be implemented with a high level of professionalism and sensitivity.

manageengine

Exciting news about ServiceDesk Plus' IT asset management module

We’re delighted to announce that ServiceDesk Plus, our flagship IT service management (ITSM) solution, received PinkVERIFY 2011 certification for its IT asset management (ITAM) processes. This adds to ServiceDesk Plus’ existing PinkVERIFY certifications for its incident management, request fulfillment, and change management processes.