Archive for the ‘DevSecOps’ Category

Join a Live GitLab Security + Compliance Workshop!

Date: Wednesday, September 15th Time: 2:00 pm – 5:00 pm CEST GitLab is a great DevOps platform, delivered as a single application, fundamentally changing the way Development, Security, and Ops teams collaborate. Join a virtual & live session for a 3-hour virtual hands on workshop (at no charge) to gain a better understanding of how […]

Read more »

Join a Live GitLab CI/CD Workshop!

Date: Wednesday, August 31st Time: 2:00 pm – 5:00 pm CEST GitLab is a great DevOps platform, delivered as a single application, fundamentally changing the way Development, Security, and Ops teams collaborate. Join a virtual & live session for a 3-hour virtual hands on workshop (at no charge), an Introduction to our CI/CD. In this […]

Read more »

HashiCorp Vault VS Akeyless Vault Platform (2022)

Last update: September 2022 Since we provide a variety of secrets management solutions, we’re frequently asked about the differences of HashiCorp Vault vs Akeyless Vault platform – so here it is! We made a comparison sheet including more than 10 criteria: platform; technology; infrastructures; maintenance ; required skills; security aspects; high availability (HA) ; user interface […]

Read more »

Vulnerabilities in 3rd-party Apps Have Caused Code Theft from GitHub

GitHub reported that a hacker was apparently exploiting a security vulnerability or human error on 3rd-party apps Travis and Heroku. The security vulnerability exposed the tokens, allowing the hacker to steal the tokens and utilize them to enter private repositories on GitHub (including NPM) so he managed to download those repositories – including all the […]

Read more »

How to Prevent Data Leaks if Hackers Get Access to your Database?

Every week we hear about the latest website to get hacked, and hackers getting access to another database with consumers’ personal data inside. Just in the last weeks there have been numerous reports of hacking, including stealing the medical records of 290,000 patients of the “Mor Medical Institute,” and releasing data of 1 million subscribers […]

Read more »

GitLab CI and Akeyless Vault Integration

You can use Akeyless Vault secret management within GitLab and GitLab CI. Code placed in GitLab or GitLab CI/CD requires secrets in order to properly execute access to various resources. By integrating GitLab CI with Akeyless Vault, you would not need to keep hard coded secrets within the GitLab code repo such as username & […]

Read more »

What are Differences of SonarQube Editions?

Last update: March 2022 I’m frequently asked what the differences are between SonarQube versions. From the questions it is clear that the licensing options are not so clear and quite confusing, so I decided to write down the essential points and help make things right. Legend Core differences What’s in the Community Edition? Developer Edition […]

Read more »

GitLab and Log4J Vulnerability

Concerning the reported Log4J vulnerability (CVE-2021-44228), you should know that GitLab does not use Log4j or Log4j2 packages. GitLab was written using Ruby, JS and Go so it uses different log libraries. If you use GitLab Advance Search or Code Search features (available in paid edition including Premium, Ultimate and Starter) you should know it […]

Read more »

Vault HCP Cloud VS Vault Enterprise

As you probably know, a few months ago HashiCorp started offering the popular Vault product as a managed service in the cloud (known as “Vault HCP” or Vault Cloud), until then this had  only been offered as an on-premises product – Vault OSS and Vault Enterprise. We recently (in response to questions from our customers) […]

Read more »

Code Security and Compliance using GitLab

Besides version control and CI/CD, GitLab also offers a variety of security tests on your proprietary code (code you develop) or external code you use (i.e. open source), as well as code compliance capabilities – to help you ensure that you make proper and legal use of any open source libraries and code snippets. In […]

Read more »