Login

Recent searches

No recent searches

Search options

Not available on writing.exchange.
writing.exchange is one of the many independent Mastodon servers you can use to participate in the fediverse.
A small, intentional community for poets, authors, and every kind of writer.

Administered by:

Server stats:

323
active users

writing.exchange: AboutProfiles directoryPrivacy policy

Mastodon: AboutGet the appKeyboard shortcutsView source codev4.3.7

#devsecops

4 posts4 participants1 post today
Public
Marco Ciappelli🎙️✨:verified: :donor:

Here we go, with another pre-RSAC 2025 Conference Coverage Brand Story!

#QuantumSecurity, Real Problems, and the Unifying Layer Behind It All
A Brand Story with Marc Manzano, General Manager, Cybersecurity Group at SandboxAQ

As we get ready for RSAC 2025, we’re kicking things off with some Brand Story conversation that sets the tone for what’s coming.

In this pre-event episode, SandboxAQ shares how their flagship platform, Active Guard, is reshaping #cybersecurity at the intersection of #AI and #quantum. From cryptographic asset management to non-human identity oversight and automated compliance, it’s all about solving real challenges and building a more secure, interoperable future.

ITSPmagazine's Co-founders Marco Ciappelli and Sean Martin, CISSP sat down with Marc Manzano for a first look at the #technology and thinking behind it — and what you can expect from their presence at RSA Conference 2025.

We’ll reconnect and record with SandboxAQ on location at #RSAC2025 for a deeper dive into this critical conversation.

A special thank you to SandboxAQ for sponsoring our RSAC 2025 coverage and supporting this exploration into the future of cybersecurity.

Watch, listen, and learn more below:

Video Teaser: youtu.be/eCT8qNhp4nc

Full Video Episode: youtu.be/aD34MD5IRnc

Full Audio Podcast: brand-stories-podcast.simpleca

Explore our full RSAC 2025 Coverage: itspmagazine.com/events/rsac

YouTubeteaser Quantum Security, Real Problems, and the Unifying Layer Behind It All SandboxAQ at RSAC 2025By ITSPmagazine
#sandboxaq#brandstory#aiops
Public
Marco Ciappelli🎙️✨:verified: :donor:

🎙️ Going Live in 15 Minutes — Come Join Us!

I’m about to tune in for a live ITSPmagazine webinar that dives into a topic I truly care about:

Secure Coding = Developer Empowerment

It’s not just about reducing risk — it’s about investing in developers, boosting velocity, and building better software from the start.

🗓️ Today – April 18

🎙️ Hosted by ITSPmagazine

💡 In partnership with Manicode Security

Jim Manico

Jimmy Mesta 🤙

Sean Martin, CISSP

Will be talking about:

✅ Why most developers never get proper secure coding training

✅ How to get leadership buy-in for better dev security

✅ Why this isn’t just security—it’s a career boost

If you’ve got time, join us live. If not, watch it on demand. Either way, it’s a conversation worth having.

👉 Join here:

crowdcast.io/c/secure-coding-e

#ApplicationSecurity, #DeveloperEmpowerment, #SecureCoding, #DevSecOps, #softwaresecurity, #cybersecurity, #infosec, #ITSPmagazine

crowdcastSecure Coding = Developer Power: How to Convince Your Boss to Invest in You — An ITSPmagazine Webinar with Manicode SecurityRegister now for Secure Coding = Developer Power: How to Convince Your Boss to Invest in You — An ITSPmagazine Webinar with Manicode Security on crowdcast, scheduled to go live on April 16, 2025, 12:30 PM EDT.
Public
Open Policy Agent (OPA)

The #KubeCon recordings are now on YouTube! We'll be posting links to all the #OpenPolicyAgent related ones as we watch them. First out is the #OPA maintainer track session, where @charlieegan3 and @anderseknert give a short introduction to OPA and Rego, followed by a deep-dive into recent performance improvements, and a sneak peek at the project roadmap. Check it out!

youtube.com/watch?v=XtA-NKoJDaI

YouTubeOpen Policy Agent (OPA) Intro & Deep Dive - Charlie Egan & Anders Eknert, StyraBy CNCF [Cloud Native Computing Foundation]
#CloudNative#CNCF#DevOps
Public
Brian Greenberg

🚨 AI Code Assistants: A Double-Edged Sword? 🚨

AI-powered coding tools are revolutionizing development workflows, but they come with hidden dangers:

🔹 Hallucinated Dependencies: AI suggests packages that don’t exist.
🔹 Slopsquatting Attacks: Malicious actors register these fake packages, leading to potential security breaches.
🔹 Automated Installation Risks: Some AI agents might auto-install these without developer awareness.
🔹 False Legitimacy: AI-generated summaries can falsely validate these malicious packages.

🛡️ Stay Vigilant: Always double-check AI-generated code and dependencies. Trust, but verify.

#AI #CyberSecurity #DevSecOps #SupplyChain #SoftwareDevelopment
theregister.com/2025/04/12/ai_

The Register · LLMs can't stop making up software dependencies and sabotaging everythingBy Thomas Claburn
Replied in thread
Public
Buttered Jorts

And here’s the big reveal:

Virtual flash cards for the key terms for all of DevOps Institute’s exams. I took the glossaries from all their public study guides, deduplicated them, converted the courses they appear in to tags and added an exam they missed.

github.com/ajn142/DOI-Exam-Glo

Reposting because I forgot the number one rule of chronological timelines (don’t post when everyone’s asleep lol).

Contribute to ajn142/DOI-Exam-Glossary development by creating an account on GitHub.
GitHubGitHub - ajn142/DOI-Exam-GlossaryContribute to ajn142/DOI-Exam-Glossary development by creating an account on GitHub.
#DevOps#DevSecOps#SRE
Public
0x40k

Whoa, just checked out the latest GitGuardian report. It's wild how many secrets popped up *again*! 😳 We're talking millions of credentials just floating around out there.

And here's the kicker: it's not *only* about human slip-ups anymore. You've got more and more 'Non-Human Identities' (NHIs) – think bots, scripts, AI agents – churning out secrets too. And honestly? Those NHI secrets often get way less attention than the ones people handle.

As a pentester, I bump into this constantly. Find an old, forgotten API key lying around, and *boom* – system's compromised. 🤦‍♂️ Yeah, automated scans are definitely helpful, but nothing beats having solid secrets management in place. It's absolutely crucial.

So, how's everyone else keeping their secrets locked down? Got any killer best practices to share?

#Security#Pentest#DevSecOps
Public
Sean Martin 🎙️✨:verified_paw: :donor:

Yes, it is true! 😏 🎙️💻 It’s Webinar Time! Secure coding isn’t just about writing safer software—it’s a career game-changer.

But most companies don’t invest in secure coding training, leaving developers without the skills they need to protect their apps.

Join us live on April 16, 2025, for an ITSPmagazine Webinar where we’ll explore how to change that.

💡 Secure Coding = Developer Power: How To Convince Your Boss To Invest In You

With:
🎙️ Jim Manico, Manicode Security
🎙️ Jimmy Mesta 🤙, RAD Security
🎙️ Moderated by yours truly — Sean Martin, CISSP

👉 Register here: crowdcast.io/c/secure-coding-e

Why You Should Attend
Secure coding isn’t just about preventing security failures—it’s a career accelerator. Developers who understand security are more valuable to their companies, build better products, and stand out in the job market. This session will equip you with the knowledge and tools to make the case for secure coding training at your company, giving you an edge as both a developer and an advocate for better software security.

We’ll cover:
🔐 Live code reviews & secure fixes
🔧 Automation tips for secure defaults
📚 What effective training really looks like

If you care about building secure software and stronger engineering teams, don’t miss this one.

👉 Register here: crowdcast.io/c/secure-coding-e

crowdcastSecure Coding = Developer Power: How to Convince Your Boss to Invest in You — An ITSPmagazine Webinar with Manicode SecurityRegister now for Secure Coding = Developer Power: How to Convince Your Boss to Invest in You — An ITSPmagazine Webinar with Manicode Security on crowdcast, scheduled to go live on April 16, 2025, 12:30 PM EDT.
#webinar#securecoding#appsec
Public
Marco Ciappelli🎙️✨:verified: :donor:

Yes, it is true! 😏
🎙️💻 It's Webinar Time!

... and we’re back with another ITSPmagazine Thought Leadership Webinar — because impactful conversations and meaningful perspective exchanges are what we’re all about.

🚀 After the success of our debut session “AI In Healthcare: Who Benefits, Who Pays, And Who’s At Risk?” (missed it? Watch it on demand 👉 crowdcast.io/c/ai-in-healthcar) —we’re diving back in with a brand-new conversation focused on the heart of what drives our work: cybersecurity, technology, and society.

💡 Secure Coding = Developer Power: How To Convince Your Boss To Invest In You An ITSPmagazine Webinar With Manicode Security 🗓️ April 16, 2025

We’re honored to welcome two brilliant minds joining Sean Martin, CISSP — yes, of course, he’s pretty sharp too 😬 — for this one:

🎙️💥 Jim Manico, Founder and Secure Coding Educator at Manicode Security
🎙️💥 Jimmy Mesta 🤙, Course Instructor for Manicode and CTO at RAD Security

Why does #securecoding still feel like an afterthought? This session tackles that question head-on—covering why most companies don’t invest in secure coding training, how developers can advocate for themselves, and how this skillset can seriously boost your career. We’ll even get into some live code reviews and automation demos you won’t want to miss.

🔐💥 Secure Coding = Developer Power: How To Convince Your Boss To Invest In You
🗓️💥 LIVE: April 16, 2025
📍💥 REGISTER HERE: crowdcast.io/c/secure-coding-e

Be sure to share this with your fellow #developers, coworkers, and anyone who cares about building safer software and smarter teams. This is your chance to invest in yourself—and help your company do the same.

LET'S go, we can do this!!! 🤘😬✨

#webinar, #securecoding, #developerlife, #cybersecurity, #infosec, #softwaresecurity, #devsecops, #itspmagazine #infosecurity #tech #technology #software #programmers

Public
DSigmund

AI-generated code is powerful—but dangerous if used carelessly. Are you “vibe coding” without realizing the risks? Learn why blind trust in AI introduces vulnerabilities and how DevSecOps can help you avoid the hidden traps.

#AI #DevSecOps #CyberSecurity #SecureCoding #VibeCoding

webdad.eu/2025/03/31/code-ai-a

WebDaD - Web Development and Design · Code, AI, and Security: Avoiding the Hidden Traps of AI-Generated Code - WebDaD - Web Development and DesignAI-generated code accelerates development but introduces hidden dangers when developers trust it blindly—a practice known as “vibe coding.” This approach can silently introduce serious security vulnerabilities, logic errors, and compliance issues. Adopting robust DevSecOps practices ensures code safety by integrating security oversight and validation throughout the AI-assisted development lifecycle.
Public
sc0v0ne

MCP, Agentic Knowledge Graphs & AI Models: Solving Conversational Analytics

eventbrite.com/e/mcp-agentic-k

In this free webinar led by ex-Snowflake, Cloudera, and Amazon leaders, we'll unveil how cutting-edge LLMs (GPT 4.5, Sonnet 3.7, Deepseek V3/R1, Gemini 2.5, etc.) are revolutionizing data products.
#python #machinelearning #deeplearning #ai #developer #dev #devsecops #devops #mlops #learn #learning #study #git #github #codeberg #tensorflow #pytorch #jax #huggingface #linux #ubuntu #popos #llm

EventbriteMCP, Agentic Knowledge Graphs & AI Models: Solving Conversational AnalyticsCo-hosted by Gunther Hagleitner and Wangda Tan, former engineering and product leaders at Snowflake, Cloudera, & Cribl. Founders of Waii.ai.
Public
Anders Eknert

Regal v0.32.0 just dropped! After having worked mostly on language server features recently, it was time for the linter to get some love. This release includes 3 new linter rules as well as much faster linting. Check it out!

github.com/StyraInc/regal/rele

GitHubRelease v0.32.0 · StyraInc/regalThis release adds 3 new linter rules to Regal, as well as many improvements and fixes. New Rule: redundant-loop-count A loop iterating over empty collections evaluates to nothing, and counting the ...
#OPA#Rego#Regal
ExploreLive feeds
About