DevSecOps Weekly Newsletter, Zeno, a FAUN Newsletter. ๐ View in your browser ย |ย โ๏ธ Publish on FAUN.dev ย |ย ๐ฆ Become a sponsor
Zeno
Curated DevSecOps news, tutorials, tools and more!
๐ The Opening Call
Hey there,
We would like to know how is your experience with FAUN by now. Is there anything we can do better for you? We truly appreciate every FAUNer's opinion!
๐ So share your testimonial and support FAUN.
โค๏ธ To thank you, we will link to your website or a social media profile of your choice on faun.dev.
We would like to know how is your experience with FAUN by now. Is there anything we can do better for you? We truly appreciate every FAUNer's opinion!
๐ So share your testimonial and support FAUN.
โค๏ธ To thank you, we will link to your website or a social media profile of your choice on faun.dev.
โญ Patrons
namecheap.com
A mighty domain for a mini price. Get your next big domain at Namecheap !
faun.dev
Sponsor FAUN and reach developers where they are, not where you want them to be.
Download our mediakit.
Download our mediakit.
๐พ From FAUNers
faun.dev
Fuzzing is the process or technique of sending multiple requests to a target website within a certain time interval. In other words, it is also similar to brute force. Read more about the tools allowing Fuzzing like wfuzz andFfuf.
By @tutorialboy24
By @tutorialboy24
โญ Sponsors
nordvpn.sjv.io
NordVPN 68% Black Friday discount is here!
๐ Access anything online without restrictions
๐ Add extra layers of security to your digital life
๐ Get the best online protection tools along with your NordVPN service.
๐ Get 3 months FREE with the 2-year plan
๐ Access anything online without restrictions
๐ Add extra layers of security to your digital life
๐ Get the best online protection tools along with your NordVPN service.
๐ Get 3 months FREE with the 2-year plan
๐ Stories, Tutorials & Articles
boostsecurity.io
This article is part of a series about the security of the software supply chain. Each article will be analyzing a component of the Supply chain Levels for Software Artifacts (SLSA) model in depth, from the developerโs workstation all the way to the consumer side of the chain.
www.mitiga.io
A recent Mitiga Research Team investigation found the well-regarded Amazon Relational Database Service is leaking PII via exposed RDS Snapshots.
medium.com
Using Kube-bench (checks performed to determine Kubernetes is deployed securely) and Kubescape (an open source tool that includes risk analysis, security compliance, RBAC visualizer, and image vulnerabilities scanning) integrated in Github Actions.
infosec.rodeo
IAM was designed to manage authentication and authorization in a single AWS account. As adoption of the cloud grew, organizations started to identify the need for using multiple AWS accounts.
Instead of refactoring the architecture, AWS did what AWS does best - it built a new service.
Instead of refactoring the architecture, AWS did what AWS does best - it built a new service.
towardsaws.com
There are many tools available today that are designed to automate security checks. But some people rely too much on tools, as if conducting an AWS security assessment is the same as formatting the scannerโs output into fancy-looking report.
This blog post focuses on what scanners are missing and why tools cannot fully replace the assessor.
This blog post focuses on what scanners are missing and why tools cannot fully replace the assessor.
๐บ Quick Hits
Cloud-native application security provider Apiiro announced that it has raised $100 million in Series B funding. To date, the company has raised $135 million.
A newly disclosed vulnerability in Microsoft Corp.โs Azure Cosmos DB was found to open the door to an attacker without needing authentication under certain conditions.
Researchers spotted a new evasive malware, tracked as KmsdBot, that infects systems via an SSH connection that uses weak credentials.
Fall 2022 SOC reports are now available with 154 services in scope.ย Customers can download the Fall 2022 SOC reports through AWS Artifact in the AWS Management Console.ย
โญ Supporters
faun.dev
FAUN's Job Board offers an exceptional platform to connect with skilled developers, DevOps professionals, and software engineers who are eager to contribute to the success of your organization.
Post your job openings on FAUN's Job Board today and watch your talent pool grow.
Get started now .
Post your job openings on FAUN's Job Board today and watch your talent pool grow.
Get started now .
faun.dev
๐ If you're a Developer or a maintainer of a widely adopted Open Source project and you think it's worth talking about it and your experiences in building it, join Humans Behind Code and get interviewed and published on faun.dev!
internxt.com
โ
Encrypted file storage and sharing
โ Access your files from any device
โ Get access to all our services
Discount available until December 5th.
โ Access your files from any device
โ Get access to all our services
Discount available until December 5th.
๐ฆ Videos, Talks & Presentations
www.youtube.com
www.youtube.com
Migrating to the cloud has become a "sine qua non" these days. The compact articles in 97 Things Every Cloud Engineer Should Know inspect the entirety of cloud computing, including fundamentals, architecture and migration.
๐ Book picks
www.amazon.com
Learn how to adopt and manage public clouds by leveraging BaseOps, FinOps, and DevSecOps.
โ๏ธ Tools, Apps & Software
github.com
Open source cloud native security observability platform. Linux, K8s, AWS Fargate and more.
๐ Meme of the week
