#security

8 articles tagged #security.

AWS IAM
AWS identity and access management service controlling who can do what in your account, with granular policies based on the principle of least privilege.
seed #aws #iam #security #identity #access-control #policies
Container Security
Practices and tools for securing containers throughout their lifecycle: image building, runtime, orchestration, and compliance.
seed #security #containers #docker #scanning #runtime #compliance
DevSecOps
Integration of security practices throughout the software development lifecycle, automating security controls in the CI/CD pipeline.
seed #devsecops #security #shift-left #automation #ci-cd #compliance
Secrets Management
Practices and tools for securely storing, distributing, and rotating credentials, API keys, and other sensitive data in applications and pipelines.
seed #secrets #security #vault #ssm #credentials #encryption
Secure Coding
Development practices preventing security vulnerabilities from design, including input validation, error handling, and defense-in-depth principles.
seed #secure-coding #security #owasp #validation #best-practices #development
Supply Chain Security
Practices for ensuring the integrity and security of all dependencies, tools, and processes comprising the software development pipeline.
seed #supply-chain #security #sbom #dependencies #slsa #sigstore
Vulnerability Scanning
Automated process of identifying known vulnerabilities in code, dependencies, containers, and infrastructure before they reach production.
seed #vulnerability #scanning #security #sast #sca #trivy
Zero Trust
Security model that doesn't implicitly trust any user or system, verifying every request regardless of its origin inside or outside the network.
seed #zero-trust #security #identity #network #authentication #authorization

All tags