DevOps

Popular open-source DevOps automation software StackStorm was reported to have a critical vulnerability that could allow remote attackers to perform arbitrary commands on targeted servers.

CVE-2019-5736 is a vulnerability involving the runC runtime component, which is used for container platforms such as Docker and container orchestration platforms such as Kubernetes.

DevOps entails pivotal shifts. Among them is the way monitoring and auditing are carried out. As requirements and technologies for developing, vetting, and deploying applications change, the requisites for monitoring and auditing also change.

A hacking campaign was uncovered that has so far affected more than 7,339 websites running on the Magento e-commerce platform. The attacks involve injecting MagentoCore, a malicious payment card data-stealing script, into the affected websites.

Enterprises are increasingly using hybrid environments, but this move can come with risks and challenges especially for organizations adopting DevOps. How can hybrid cloud security fit naturally into development processes?

Users of the Apache Struts are urged to update to its latest version after security researchers uncovered a critical remote code execution (RCE) vulnerability in the web application development framework.

How can DevOps — complemented with multilayered security solutions — align with the GDPR’s mandate of data protection by design and default?

Cloud security has become a significant issue as organizations increasingly move their workload to the cloud. A misconfigured cloud can leave organizations vulnerable to attacks.

With a large number of businesses starting to move toward the hybrid cloud model, the issue of safe cloud environments is more significant than ever.