Archive for the ‘DevSecOps’ Category

Date: January 12, 2023 Time: 6pm – 9pm CET / 9am – 12pm PST Cyber attacks have never been more in the news. From Twitter hacks to identity theft, vulnerabilities are exposing gaps in the application development process. Application security is difficult, especially when security is a separate process from your DevOps workflow. Security has […]

Date: Tuesday, December 13, 2022 Time: 2pm – 5pm CET Join us to learn how GitLab can quickly get you started down your GitOps journey! This workshop will go over how you can quickly get started using the GitLab Agent for Kubernetes starting with an empty project and moving all the way to deploying a […]

Date: Wednesday, September 15th Time: 2:00 pm – 5:00 pm CEST GitLab is a great DevOps platform, delivered as a single application, fundamentally changing the way Development, Security, and Ops teams collaborate. Join a virtual & live session for a 3-hour virtual hands on workshop (at no charge) to gain a better understanding of how […]

Date: Wednesday, August 31st Time: 2:00 pm – 5:00 pm CEST GitLab is a great DevOps platform, delivered as a single application, fundamentally changing the way Development, Security, and Ops teams collaborate. Join a virtual & live session for a 3-hour virtual hands on workshop (at no charge), an Introduction to our CI/CD. In this […]

GitHub reported that a hacker was apparently exploiting a security vulnerability or human error on 3rd-party apps Travis and Heroku. The security vulnerability exposed the tokens, allowing the hacker to steal the tokens and utilize them to enter private repositories on GitHub (including NPM) so he managed to download those repositories – including all the […]

Since we provide a variety of secrets management solutions, we’re frequently asked about the differences between HashiCorp Vault and Akeyless Vault platform – so here it is! We made a comparison sheet including more than 10 criteria: Platform; technology; infrastructures; maintenance; required skills; security aspects; high availability (HA) ; user interface (UI) ; Multi-cloud; supporting […]

Every week we hear about the latest website to get hacked, and hackers getting access to another database with consumers’ personal data inside. Just in the last weeks there have been numerous reports of hacking, including stealing the medical records of 290,000 patients of the “Mor Medical Institute,” and releasing data of 1 million subscribers […]

You can use Akeyless Vault secret management within GitLab and GitLab CI. Code placed in GitLab or GitLab CI/CD requires secrets in order to properly execute access to various resources. By integrating GitLab CI with Akeyless Vault, you would not need to keep hard coded secrets within the GitLab code repo such as username & […]

Concerning the reported Log4J vulnerability (CVE-2021-44228), you should know that GitLab does not use Log4j or Log4j2 packages. GitLab was written using Ruby, JS and Go so it uses different log libraries. If you use GitLab Advance Search or Code Search features (available in paid edition including Premium, Ultimate and Starter) you should know it […]

As you probably know, a few months ago HashiCorp started offering the popular Vault product as a managed service in the cloud (known as “Vault HCP” or Vault Cloud), until then this had  only been offered as an on-premises product – Vault OSS and Vault Enterprise. We recently (in response to questions from our customers) […]

Last update: 2/27/2022 In this article, we want to tell you how to control versions of complex systems using git submodules. Let’s have a look at the following imaginary example.  Our company has developed a system named Car, which consisted of 3 subsystems: Motor, Steering, and Transmission. Each subsystem has been developed in a separate […]

There is no excerpt because this is a protected post.

To encourage downloads of the ‘Shield’ app that fights coronavirus, we have built a complementary Continuous Integration (CI) solution and code scanners to improve information security, code security and privacy of the app. We also invite the developers to use it freely and continuously in future. A few days ago, the Israeli Ministry of Health […]

I am happy to share a GitLab CI/CD video that is concise, technical and up-to-date. I have chosen this video as the best of several videos that I have recently watched. At your convenience, we have added subtitles, a summary of the video and the transcription of the video. You can watch the video and […]

Next week we are hosting a HashiCorp employee to discuss different aspects of using Vault effectively. Webinar is free of charge. Introducing Vault ; Integration with OpenShift and “Ask Me Anything” (July 31st 11AM CET) We are hosting Lieuwe Helmus, Senior Solution Engineer in HashiCorp Company, to discuss about Vault, integration with OpenShift and give you the chance to […]