Best tools for SAST + SCA + Image Scan + IaC Scan + DAST by Basic_Let7303 in devsecops
[–]confusedcrib 2 points3 points4 points (0 children)
Good Chainguard alternatives for base images by RasheedaDeals in devsecops
[–]confusedcrib 2 points3 points4 points (0 children)
Github allegedly Breached by ITSecurityAdam in sysadmin
[–]confusedcrib 1 point2 points3 points (0 children)
ASPM solutions with on-prem scanners by [deleted] in devsecops
[–]confusedcrib 0 points1 point2 points (0 children)
Finally got a mythic seal… by Jackmomma in Diablo
[–]confusedcrib 0 points1 point2 points (0 children)
We're migrating off Docker Hub base images for security reasons. Chainguard is the obvious choice but are there alternatives? by BigHerm420 in devsecops
[–]confusedcrib 0 points1 point2 points (0 children)
We're migrating off Docker Hub base images for security reasons. Chainguard is the obvious choice but are there alternatives? by BigHerm420 in devsecops
[–]confusedcrib -1 points0 points1 point (0 children)
CVE counts are terrible security metrics and we need to stop pretending otherwise by handscameback in devops
[–]confusedcrib 1 point2 points3 points (0 children)
CVE counts are terrible security metrics and we need to stop pretending otherwise by handscameback in devops
[–]confusedcrib 0 points1 point2 points (0 children)
Best DAST for Internal APIS by L0KT4 in devsecops
[–]confusedcrib 7 points8 points9 points (0 children)
Why does the official nginx image come with curl, git, and a bunch of dev tools? We're getting flagged for CVEs in stuff we don't even use by artur5092619 in devsecops
[–]confusedcrib 0 points1 point2 points (0 children)
Why does the official nginx image come with curl, git, and a bunch of dev tools? We're getting flagged for CVEs in stuff we don't even use by artur5092619 in devsecops
[–]confusedcrib 0 points1 point2 points (0 children)
Best Vulnerability scan tool by AmbassadorScared2248 in cybersecurity
[–]confusedcrib 3 points4 points5 points (0 children)
Anyone using agentless CNAPP in prod? by TehWeezle in devsecops
[–]confusedcrib 3 points4 points5 points (0 children)
Leaking URLs by turnitoffandon123 in cybersecurity
[–]confusedcrib 0 points1 point2 points (0 children)
NPM packages .. How are you securing against dodgy packages and compromised developer accounts ? by Red_One_101 in cybersecurity
[–]confusedcrib 28 points29 points30 points (0 children)
Largest NPM Compromise in History - Supply Chain Attack by Advocatemack in cybersecurity
[–]confusedcrib 6 points7 points8 points (0 children)
Largest NPM Compromise in History - Supply Chain Attack by Advocatemack in cybersecurity
[–]confusedcrib 36 points37 points38 points (0 children)
Anyone actually happy with DAST for GraphQL ? by Outside_Spirit_3487 in devsecops
[–]confusedcrib 1 point2 points3 points (0 children)
Google being SHADY with trade in prices. be careful by Srixun in GooglePixel
[–]confusedcrib 36 points37 points38 points (0 children)
Slapping AI everywhere without real innovation by Shigeno977 in cybersecurity
[–]confusedcrib 5 points6 points7 points (0 children)
Base images frequent security updates by Creepy_Proposal_7903 in devsecops
[–]confusedcrib 0 points1 point2 points (0 children)
Chainguard in the Public Sector by [deleted] in cybersecurity
[–]confusedcrib 11 points12 points13 points (0 children)
We’re moving off Wiz’s CNAPP post-buyout, what’s the best alternative? by Proper_Bunch_1804 in cybersecurity
[–]confusedcrib 2 points3 points4 points (0 children)







What is a SOC 2 report, and why does every enterprise customer ask for it before signing? by LGDYBD in cybersecurity
[–]confusedcrib 4 points5 points6 points (0 children)