Security
Combating Insider Threats from the Inside OutInsider threats are one of the most difficult risks for security teams to manage because most employees require some level of trust and privileges to perform their roles. Managing this risk involves detecting and containing the undesirable behavior of trusted accounts in the organization. This undesirable behavior often goes undetected for a long time. Insider […]
Security
The Secret to Securing your Software Supply ChainA software supply chain attack is a cyber attack where less secure elements in the chain such as third-party networks or code repositories are compromised by attackers as a means to embed hidden malware, which then finds its way into the infrastructures of organizations that use the final software. In these attacks, attackers try to […]
Security
Extra Security for Kubernetes Secrets with AkeylessKubernetes is a popular open source tool for automating application development. While Kubernetes includes a basic solution for keeping secrets (passwords, tokens, or keys), most organizations need an extra layer of management and security to streamline development and protect against leaks. Let’s take a deeper look at what Kubernetes provides and how you can easily […]
Security
DevSec For Scale Podcast Ep 7: Proactively Building Secure SoftwareSecurity is often an afterthought when it comes to designing and developing applications. Josh Grossman, CTO at Bounce Security and OWASP Israel Board member, talked to me about practical ways to build security into applications and the software development lifecycle. In this interview, we talk about OWASP and the open resources it provides for software […]
Security
DevSec for Scale Podcast Ep 6: Policy-as-CodePolicy-as-code is a relatively new methodology of managing and automating security policies through code. Eran Bibi, co-founder and CPO of Firefly and former R&D Director of Aqua Security, talked with me about how DevOps engineers can harness the power of policy-as-code to validate and secure their cloud deployments. In this interview, we talk about how […]
Security
Detect Risky Behavior with Akeyless & DatadogExpand your Akeyless monitoring activities by automatically forwarding your Akeyless logs to Datadog for ongoing alerts of outlying behaviors. Learn how in this blog post.
Security
DevSec For Scale Podcast Ep 5: Cloud Security for StartupsStartups have a different makeup than large organizations. Their DNA is just different as they are more lean and agile. This offers startup developers the ability to shift their security as far left as possible and make the right moves from the beginning to secure their infrastructure and applications. However, not all startups have a […]
Security
Disrupting the Kill Chain with Just-in-Time AccessAdversaries have many devious ways to get access to an organization’s data, for different reasons, including data theft or ransom. Many of their actions can be categorized in different steps as part of a concept known in cyber security as a kill chain. Meanwhile, security teams are looking for ways to break this chain, and […]
Security
DevSec For Scale Podcast Ep 4: Shift-Left Product SecurityProduct security is a big subject. You have to consider aspects ranging from design to code reviews to static code analysis to CI/CD and through deployment and scaling. Not only that, the security focus changes as you grow into a larger organization and through IPO or M&A. Neatsun Ziv, CEO of Ox Security, formerly VP […]
Security
DevSec For Scale Podcast Ep 3: Improving Software Supply Chain TrustSupply chains are found everywhere in our world from food to clothing to school supplies. For each item that is built or created there is a chain of suppliers for each piece of the final item. The famous example is the pencil. Something as simple as a pencil actually takes numerous suppliers of graphite, wood, […]
News | Security
How Your Vendor’s Security Practices Impact Your BusinessAkeyless puts security at the heart of its service. The confidentiality, integrity, and availability of our customer’s data are our top priorities. We understand (and as a security company, we encourage) that our customers do not blindly trust their vendors. Engaging with any vendor that handles your most sensitive data and infrastructure, requires a high […]
News
Why Progress Uses Akeyless to Support their Hybrid Multicloud StrategyProgress Software Corporation (Progress) offers software for creating and deploying business applications. Progress is headquartered in Burlington, Massachusetts with offices in 16 countries and employs approximately 2100 people. From an organizational perspective, the company is broken down into different divisions, which have individual responsibilities, including application and digital experience, as well as creating tools and/or […]
