security

Blog

Occamslabs sharing insights about cloud securtiy

• Transforming Cloud Security: The Shift from Permanent to Just-In-Time Access

  Security Cloud Access April 30, 2024

  In the rapidly evolving world of IT, access management has undergone significant transformations. The shift from traditional, always-on access to a more controlled, just-in-time (JIT) access model marks a critical pivot in how businesses handle security in cloud environments.

  Read More

• Gone Phishing - Caught Developers

  Security Phishing October 16, 2023

  Phishing attacks are getting more sophisticated by the day. Their target audience is changing every day. In the past, high-profile individuals were targeted using CXO attacks. These days, the scope has broadened and is targeting the whole organization.

  Read More

• You are doing it wrong! Kubernetes Image Tags

  Supplychain Security Kubernetes September 15, 2023

  How you are using Docker tags can say a lot about your security.

  Read More

• Securing Kubernetes Workloads with Enhanced Supply Chain Security

  Supplychain Security Kubernetes August 11, 2023

  In today’s rapidly evolving tech environment, securing your Kubernetes workloads has never been more crucial. As Kubernetes becomes the backbone of many IT infrastructures, implementing robust Kubernetes supply chain security measures is essential to safeguard against vulnerabilities and threats.

  Read More

• Vulnerability vs. Supply Chain Attack

  Supplychain Security August 07, 2023

  A vulnerability is usually an unintended software bug that opens an attack angle for a malicious actor. The good thing about an open-source project is, that the bigger the project, the more eyes are on it. The more likely these vulnerabilities will surface and be fixed fast. In smaller or dormant projects, this is usually not the case.

  Read More

• Supply Chains and Lock Files

  Supplychain Security August 01, 2023

  A supply chain attack is when one or more of the dependencies in your application have been compromised, and some “bad code “is running on your systems and applications that is intended to harm you. These kinds of attacks are becoming more common and more sophisticated.

  Read More

• Securing your Ruby and Rails Codebase

  Ruby-on-rails Security Devsecops September 24, 2018

  When writing software you want to avoid introducing functional bugs or security issues.

  Read More