Interview series with JAX DevOps speakers — Part 2

Should we incorporate a “Security First” mindset in DevOps? 6 experts weigh in

Should you pay more attention to security when drafting your DevOps approach? Our experts think that security should be included in the initial development along with all other concerns about how the software should perform. We invited six JAX DevOps speakers to weigh in on the importance of security in a DevOps context, companies’ move to the cloud and how/if this trend will continue to grow in 2018. 

macOS and Linux are safe

Critical Electron vulnerability puts popular Windows apps at risk

It’s been less than a month since the Spectre and Meltdown debacle but apparently, it’s time for a new flaw to dominate the news. The critical vulnerability lies in Electron — the team deployed a patch for the vulnerability and they ask you to update your apps to the latest stable version immediately.

An analysis of some corner-case performance issues with Meltdown patches

Meltdown, Spectre and Linux on AWS: Security vs. performance

The Meltdown and Spectre story continues. Even though Amazon Web Services’ (AWS) response shows that they’ve already patched and protected their infrastructure you still have work to do. AWS’ Shared Responsibility Model means that you are responsible for patching the operating system running on your EC2 instances, and this is where things get … complicated.

Expect more real action to protect privacy

What’s coming in 2018: Digital privacy and security predictions

Organizations in 2018 will have greater capabilities to decentralize information need, through both blockchain- and non-blockchain-based solutions. In this article, Joe Stuntz, Vice President of Cybersecurity at One World Identity (OWI) gives his digital privacy and security predictions.

DevOpsCon 2017

Top tips to keep Docker running securely in production

Security is one of the core issues when creating a production environment. Particularly when using the Docker ecosystem in general and Docker Swarm in particular, the question arises of how to secure the development process. In his session at the DevOpsCon 2017 in Berlin, Gianluca Arbezzano, software engineer at InfluxData, gives important tips on setting up a production environment, immutability, and security concepts for dockers.

Updating Agile for the DevOps decade

Agile development and security: Are you doing it right?

Agile development is great for a lot of things. However, it’s important to remember security issues in the development process. In this article, Jessica Cyrus goes over the best ways to make sure security concerns are adressed properly in the Agile development process.

Security should not be taken lightly

Open Source security lifecycle: It takes almost 3 years to publicly disclose library vulnerabilities

We’ve already dissected Snyk’s State of Software Security Report and we’ve pointed out that about 75% of application code is made up of open source components. What we still haven’t covered is the lifecycle of an open source security vulnerability and the steps that play an essential role in the overall state of security. Let’s proceed.

Security is a process, not a product

Good coding practices mean good data security

Data breaches are a dime a dozen these days. Are hackers getting better? Not really. It turns out that bad coding practices lead to insecure code and glaring vulnerabilities. Who knew?