Observability: What You Need to Know
Learn why observability is important to DevOps organizations with distributed systems, how observability is different from monitoring, and how to approach the three pillars of observability.
Choose Your Type
Choose Your Topic
Our Latest Content
State of the Market CI/CD/ARA
The continuous integration/continuous delivery market has gone through many changes since DevOps came on the scene, but it remains the backbone of the DevOps toolchain. Application release automation has also joined the ranks of must-have DevOps technologies. So where does the market stand currently and what can we expect to see in the next generation...
Harnessing Development to Scale AppSec
GitLab helps you to scale security across your Continuous Integration (CI) process enabling developers to test their code with every code change, right in their existing workflow. By seamlessly integrating WhiteSource’s security application testing solution in GitLab CI, we further reduce context switching and increase developer productivity. This enables developers and InfoSec professionals to work...
April Open Source Security Vulnerabilities Snapshot
Check in to learn about the new open source security vulnerabilities published in March, their severity, top CWEs, vulnerabilities per programming language, new critical FastXML jackson-databind seria
Kubernetes Pod Security Policy Best Practices
Using Kubernetes pod security policies to maximum effect takes some effort. this article explains how to get the most out of Kubernetes pod security policies.
5 Ways to Speed Up Your Software Development Process
We all constantly face the challenge of reducing time-to-market to ensure our company will not lose market share. This challenge has made time the most valuable resource for every software...
Web Application Security at Every Stage of the SDLC
Developments in web applications have increased the risk of malicious attacks. know the steps to secure your enterprise.
March Open Source Security Vulnerabilities Snapshot
Learn about the new open source security vulnerabilities published in February, their severity, top CWEs, vulnerabilities per programming languages
Assessing the Kubernetes Landscape
In the runup to KubeCon + CloudNativeCon Europe, we’ll examine what’s happening in the Kubernetes and containers landscape, including new technologies, services and ecosystems worth knowing about as well as changes looming on the horizon.
InnerSource: How Open Source Best Practices Help Enterprise Development Teams
What are the benefits of InnerSource and how can organizations adopt InnerSource to improve their internal development processes?
What You Need to Know About the New OpenSSH Security Updates
OpenSSH's new v8.2 contains security updates to protect users. Why are the updates important and what do they mean for you?
Predict 2020 – Developers Do Security
Amid all the talk of shifting left, mingling the DevOps and Security tribes and how can we do code better, faster and with more quality a funny thing happened. Security vendors are developing security tools for devs and DevOps. The security team still pays for them, but they won’t buy them without Dev and DevOps...
DevSecOps: Closing the Loop from Detection to Remediation
DevSecOps approach, testing tools and practices are integrated even further left in the development pipeline. Join Senior Product Manager, Shiri Ivtsan, as she discusses: Where and how developers are implementing DevSecOps in the SDLC; Best practices for developers to adopt DevSecOps and more efficiently handle vulnerabilities; Necessary steps for implementing a process for detection, prioritization,...
Barriers to Container Security and How to Overcome Them
Over the past few years, more and more companies are turning to containerized environments to scale their applications. However, keeping containers secure throughout the development life cycle presents many challenges to security and development teams. In order to address them, organizations need to adopt a new set of security processes and tools. This session will...
GitOps Basics: Developers Are Gitting Into Deployment
Is GitOps a passing trend or a DevOps practice that's here to stay? How does the GitOps pipeline work and what are the benefits?
Panel Discussion: Cloud Security – Keeping Serverless Data Safe
The push to the cloud has introduced a previously unknown level of agility to many organizations, but sometimes at the expense of data security. Human error often is the cause of cloud security blunders, putting sensitive data at risk and causing real damage to companies in terms of financial liability and loss of reputation. This...
Tackling the Container Iceberg
Container images are based on many direct and indirect open source dependencies, which most developers are not aware of. What are the security implications of only seeing the tip of the iceberg? What are the challenges one faces when relying so heavily on open source? And how can teams overcome these? Join Codefresh and WhiteSource,...
5 Free Developer Tools We’re Grateful For
Here are five free tools to help developers create and deliver innovative, high-quality, and secure software, faster.
Who Owns Application Security in the Age of DevOps?
Application security is a top priority today for companies that are developing software. However, it is also becoming more challenging and complex as release frequency continues to rise, more open source components are adopted, and the requirements for data security are getting stricter. Thanks to new DevOps practices and tools, development cycles are getting shorter,...
Panel Discussion: Scaling DevSecOps
The need to include security as part of the DevOps process is well-understood, and greater numbers of DevOps teams are shifting security left to ensure their applications are more secure. But how can an organization scale its DevSecOps efforts without introducing unnecessary friction in the software development life cycle? This webinar explores some of the...
Panel Discussion: Container Management: Configuration, Monitoring and More
The container space has evolved dramatically, growing into a thriving ecosystem that goes well beyond containers to include orchestration platforms, monitoring tools and more to enable end-to-end container management. In this webinar, we explore the expanding category of container management, including technology and market trends and the essentials an organization needs to manage its container...
Fitting Continuous Testing Into Your DevOps Pipeline
Continuous testing or testing automation? Where and how does CT fit into your DevOps pipeline? What are the benefits and best practices? Learn how to succeed at continuous testing.
The Challenges of Scaling DevSecOps
Organizations enjoy the speed that DevOps brings to development and delivery. However, most security and compliance monitoring tools have not been able to keep up, becoming the most significant barrier to continuous delivery. Now some good news: you can easily integrate security into your existing processes to solve this challenge. In this session, Shiri Ivtsan,...
Top 5 New Open Source Security Vulnerabilities in September 2019
September's top 5 new open source security vulnerabilities includes popular projects like Swagger UI, the Linux Kernel, Android, Python, and curl.
Top 5 Git Security Mistakes
Make sure that your Github and GitLab repos are secure. Here are the top 5 Git security mistakes to avoid.
360° Kubernetes Security: From Source Code to K8s Configuration Security
Kubernetes has become the default way for many organizations to scale and orchestrate their use of containers. However, organizations are starting to find themselves needing to take the necessary steps to protect their containers. Automating security checks throughout the development life cycle can help reduce risk and allow organizations to develop and deploy securely. Join Shiri Ivstan, Senior Product Manager at WhiteSource and Yaniv Peleg Tsabari, Senior...
Top 5 Back to School AppSec Tips for Developers
These are the top application security tips and tricks for student developers as they gear up for the year ahead. Remember to stay calm and code securely.
Deep Dive into Container Security
Many organizations are using containers to develop and manage their applications. Containers enable development teams work faster, deploy more easily and efficiently, and operate at a much larger scale. However, there are many security measures that need to be taken across the entire software development lifecycle, especially when it comes to open source security. In...
Panel Discussion: 10 Tips for Achieving Cultural Change in DevOps
DevOps success depends on three things: people, processes and tools. While tools and processes can be easy enough to address, the people part of the equation can be more difficult to tackle. Changing the culture of an organization can be akin to turning a cruise ship midstream. Join this webinar to hear the top 10...
Vulnerability Assessment
Performing a vulnerability assessment is the first step towards securing your organization. We breakdown what you need to know and where to start.
Mend achieved Amazon Web Services DevOps Competency Status
Mend is now the proud recipient of Amazon Web Services DevOps Competency Status, taking their partnership with Amazon Web Services to the next level.
Security Automation: Where Does It Fit In Your Secure SDLC?
n the race to stay ahead on keeping your applications secure, organizations of all sizes need to implement security automation solutions.
Demystifying PCI Software Security Framework: All You Need to Know for Your AppSec Strategy
The Payment Card Industry (PCI) Security Standards Council recently released a new security framework to replace the previous standard (PCI PA-DSS). The new framework is set to better address the changes that the software development industry has seen in the past few years. Agile and DevOps methodologies, cloud and containerized environments and widespread open source...
Mend Report – Developers Are Taking Over AppSec
Mend Report - Developers Are Taking Over AppSec
Panel: DevOps Takes On The World
DevOps is a global phenomenon, with organizations in countries far and wide adopting DevOps tools, processes and culture to increase the speed, efficiency and reliability of their applications. In this webinar, we’ll delve into why DevOps has such a global reach and take a look at some of the international companies that have found success...
How SAP Integrates License Compliance & Security Into Their DevOps Pipeline
Gone are the days where open source components were only used by individual developers, start-ups or small corporations. Today, even the biggest corporate giants have realized the numerous benefits open source usage brings, thereby openly embracing this as part of their software to help them focus their efforts and push more code out of the...