BluBracket

10/18/2022

The need for speed has driven developers teams to embrace git-based code management and version control systems in the cloud to enhance collaboration and visibility for their development process.

Tomorrow, Wednesday October 19, 2022, security experts will have a candid discussion about results from a research study that we commissioned with application security research firm ESG.

Register for the webinar: Enhancing code security while speeding up git-based development and get a free code security eBook
https://hubs.ly/Q01p-MFr0

10/14/2022

How modern software development is creating challenges for cybersecurity? How to shift left to help security scale with rapid development?
These are the topics we will be covering during our next webinar
Please join us for the code security webinar: Enhancing code security while speeding up git-based development, on October 19, 2022 at 1pm ET.
The discussion led by cybersecurity and developer evangelists will focus on identifying and mitigating high risk content in code (e.g secrets and PII), access risks as well as code leaks.

Register Today!


https://hubs.ly/Q01pl1hg0

10/12/2022

Walking the Line: GitOps and Shift Left Security
This eBook is packed with informative metrics based on a wide survey of developer teams and application security practitioners to understand key aspects that relate to software supply chain security.
Application security expert with leading analyst firm ESG, Melinda Marks, has authored this eBook.
Download your free copy now

Free cybersecurity research from analyst firm ESG, compliments of BluBracket. Download the eBook now.

10/10/2022

You are invited!
Please join us for the code security webinar: Enhancing code security while speeding up git-based development, on October 19, 2022 at 1pm ET.

Register Today and receive your complementary copy of the eBook "GitOps and Shift Left Security: Scalable, Developer-centric Supply Chain Security Solutions", by Melinda Marks, ESG Senior Analyst.

https://hubs.ly/Q01pkPyW0

10/07/2022

Eryone can make a difference during Cybersecurity Awareness Month.
is a proud supporter of Cybersecurity Awareness.
Do Your Part.
Visit https://hubs.ly/Q01nZ5cz0 to learn more

10/03/2022

A secret in a repo is a secret shared
Exploiting secrets committed to code is super fast. Here is a little teaser - 4 minutes of the commit there was an attempt to use the secret. 20 minutes later 8 different attempts were made. The bad actor not only successfully scraped the API secret but has also attempted to login.

https://hubs.ly/Q01nN4590

10/03/2022

Please join us on October 19, 2022 for a free webinar: Enhancing code security while speeding up git-based development. This webinar will focus on identifying and mitigating high risk content in code (e.g secrets and PII), access risks as well as code leaks.
Register today and receive a free code security eBook
https://hubs.ly/Q01nMcxv0

09/12/2022

Companies of all types should consider offering but should also be aware that while these programs might help protect software, the vast landscape of that enterprises depend on remains at risk. https://bit.ly/3QnCElg BluBracket's Casey Bisson details in Security Boulevard, home of the Security Bloggers Network

Google's bug bounty program will be expanded to include a special open source section called the Open Source Software Vulnerability Rewards Program (OSS

09/09/2022

Some steps that companies can take to help secure their organization involve first eliminating secrets such as passwords, credentials and API tokens in , followed by balancing productive access against unnecessary risk, and then tracking for any leaked code. BluBracket's Ajay Arora explains in CPO Magazine: https://bit.ly/3D6UtC6

Recent security breach at password manager LastPass does not appear to be an immediate threat to the encrypted vaults that customers use to store their passwords, but the hackers may have made off with source code and proprietary information.

09/08/2022

When secrets get committed to repos, they don’t remain secret for long! Check out BluBracket’s new video on our automated tools to help spot dangerous secrets in your code:

Secrets like database access credentials, cloud access keys, SSL certificates, and API tokens are critical to making our software work, but when they get com...

09/07/2022

Companies of all types should consider offering security bounties for the systems they depend on. People probing security vulnerabilities are looking to get paid, according to BluBracket’s Casey Bisson in SecureWorld article by Drew Todd https://bit.ly/3ACgC8l

Google has launched a new open source software vulnerability program that will pay security researchers for finding flaws in its open source code.

09/06/2022

Unmonitored access to code repositories can lead to both external and insider threats, but BluBracket enforces policies for trusted access to repos and monitors developer access to repos. BluBracket’s Pan Kamal explains in recent post: https://bit.ly/3pZqxQl

You would think organizations would want to know when ex-employees have access to the crown jewels.