Some thoughts about “Shift Left” security in DevSecOps

A popular term in the DevOps context is “shift left”: it refers to the effort by a DevOps team to implement measures that guarantee application quality at the earliest possible point in the software development life cycle.
In an application security context, this refers to the measures implemented to ensure that security concerns are taken into consideration throughout application development, rather than at the end of the process.

Privileged containers in Docker? A bad idea!

By default, containers run in unprivileged mode; that is, we cannot run the Docker daemon inside a Docker container.
However, a privileged Docker container is allowed to access all the devices on the host with the same privileges as a process running on the host.

Cybersecurity Trends for 2020

According to a Trend Micro report, ‘The New Norm’, the major cybersecurity risks for organizations in 2020 come from DevOps, third-party libraries, container components and even remote workers.

Pleasant reading for the Christmas holidays!
