Security

Introduction to the Linux Foundation’s SLSA project
Supply Chain Security is a hot topic these days. And more and more, we as developers are dealing with this daily. But what does this mean for us, and how is this influencing our job? I want to give an overview of common attacks against the Software Supply Chain from the developer’s view and will…

The Power of #JFrog Build Info (Build Metadata)
Intro: This article takes a detailed look at what the term build-info means and why it helps us protect against attacks such as the SolarWinds hack. What is the concept behind the term build-info? Let’s start at the very beginning and clarify the basic principle behind the term build-info. The…

SolarWinds hack and the Executive Order from Mr Biden — And now?
In the past two years, we have had to learn a lot about cybersecurity. The new attack vectors are becoming more and more sophisticated and are directed more and more against the value chain in general. But what does that mean for us? What can be done about it, and what reactions have the state…

What is the difference between SAST, DAST, IAST and RASP?
Intro: In this post, we’re going to look at the differences between the various cybersecurity defence techniques. Here you can identify four main groups, which we will go through briefly one after another to illustrate the advantages and disadvantages. SAST – Static Application Security Testing SAST describes the process in which the components of an…