Category: Security

  • 10 Recommendations for making DevOps a success

    According to a recent State of DevOps report, organizations that adopt a DevOps culture have 60 times fewer failures than those not implementing a DevOps approach.  Here Alex Knol, NearForm’s Director of DevOps and David Gonzalez, DevOps Consultant at NearForm share some of their observations on how organisations approach DevOps, what to do and what…

    Leanne Vaughey
    Cloud Native, Culture, DevOps, Security | 16th September 2019
  • 5 Guidelines to Boost the Security of Modern Applications

    With software at the heart of today's digital business, the pressure of getting applications to market faster increases. However, security cannot be sacrificed for speed so a holistic approach needs to be adopted.   As business adoption of cloud technology and open source software increases, security teams are finding it increasingly challenging to determine whether...
    NearForm
    eBook, Security | 20th December 2018
  • How to integrate security into DevOps

    NearForm and Sqreen are delighted to come together to share their insights on DevOps and security integration.  Some topics covered during the discussion: What is the biggest challenge around DevOps and Security? What hinders better security today? How do you detect attacks in production today? How can DevOps help secure other parts of the organization: employees, emails etc.?
    NearForm
    Webinar, Architecture Design, DevOps, Security | 13th November 2018
  • Static Analysis of Docker image vulnerabilities with Clair

    Static Analysis of Docker image vulnerabilities with Clair

    In a previous article, we described how to build a Docker Registry. Today we look at Clair – a tool that does static analysis of vulnerabilities in a docker image. What is Clair? Clair is a popular open source vulnerability scanning solution for docker images made by CoreOS. Clair is also integrated with quay.io public…

    Petr Kohut
  • Putting security into DevOps Practices

    DevOps: 7 Reasons to Automate Security in your Pipelines

    The DevSecOps Evolution: Incorporating Security into DevOps Practices According to IDC estimates, the worldwide DevOps software market achieved a level of $2.9 billion in 2017 and is forecast to reach $6.6 billion in 2022. Driven by the need for faster innovation, a shift towards microservices architectures, and the evolution of automation and collaboration tooling, the…

    David Gonzalez
    Architecture Design, DevOps, Security | 1st October 2018
  • Comparing NPM Audit with SNYK

    Comparing npm audit with Snyk

    At NearForm, we specialize in building practical software solutions for our clients and part of designing and building a modern solution is making it secure. In today’s world where almost everything is connected and operated by computers, adding security on-top, as an afterthought no longer works. As software architects and engineers, we also focus on…

    Igor Shmukler
    Security | 17th August 2018
  • Dynamic Intrusion Detection for Authorisation Systems like Udaru

    Dynamic Intrusion Detection for Authorisation Systems like Udaru

    Developing an automated intrusion detection system for Udaru using statistical modelling.

    Andreas Madsen
    Data Visualisation, Security | 11th June 2018
  • How NearForm approaches SQL Injection Prevention

    What are SQL injections and how nearForm fights with them?

    Ivan Jovanovic
    Security | 26th March 2018
  • Making Promises safer in Node.js

    Making Promises safer in Node.js

    Promises can be a powerful choice for a Node.js project, but there are some pitfalls to be aware of.

    Matteo Collina
    Node.js, Security | 27th November 2017
  • Top