By Kevin Buchs|2020-02-12T09:58:58-08:00February 12th, 2020|Categories: Articles, Tips & Tricks|Tags: GCP, Monitoring Data, Python, serverless, stackdriver|
Recently I inherited a complex Google Cloud (GCP) App Engine configuration. App Engine is the managed web server platform, which does not require you to provision/configure/manage your own servers. Some call that serverless. As I said, it was very complex with some components (services) probably not being used at [...]
By Andrew Storms|2019-10-31T10:58:20-07:00November 28th, 2018|Categories: Secure Software Development, Tips & Tricks|Tags: data security, information security, infosec, Lean Security, software development, STIX/TAXII|
Thanksgiving in the US is passed and year end is in sight. As the end of the calendar year draws near, let's consider a few short term objectives you can complete right now that will have a long lasting effect on your security programs in 2019. 1. [...]
By Zach Buzalski|2019-11-18T09:01:59-08:00November 26th, 2018|Categories: Articles, Tips & Tricks|Tags: Devops, Lean Security|
Back from Thanksgiving week-end! Aside from my family duties, I took the time this long weekend to read a book that is hopefully a best seller in the DevOps community: “The Phoenix Project” - a Novel by Gene Kim, George Spafford, and Kevin Behr. I had the opportunity [...]
By Andrew Storms|2019-10-22T13:56:15-07:00October 10th, 2018|Categories: Events, Tips & Tricks|Tags: cyber security, GridSecCon, IT, OT, security|
On Thursday, October 18, 2018 at GridSecCon 2018 on behalf of New Context, I will be talking about what it means to run security orchestration in your converged IT and OT environments. Both IT and OT are struggling to keep up with the ever changing and advancing threat landscape yet [...]
By New Context|2018-04-16T18:43:34-07:00April 16th, 2018|Categories: Articles, Tips & Tricks|Tags: Devops, DevSecOps, RSA, RSAC|
Before you start coding or your assessments and security tests, decide what metrics are important that you will use to gauge the effectiveness of your security organization. The newest ebook from DevOps.com has arrived, just in time for RSA 2018 and DevOpsConnect. Our VP of Product Andrew Storms is [...]
By Andrew Storms|2019-09-11T12:35:48-07:00October 16th, 2017|Categories: Tips & Tricks|Tags: audit, automation, Chef, Devops, DevSecOps, packer.io, pipeline|
Image via Pixabay Recently, Joshua Kugler, a Sr. DevOps Engineer at New Context, wrote a blog post providing tips for using Chef Zero, audit mode and Packer. As leaders in DevSecOps, we believe in the importance of sharing knowledge and are passing this resource along to you. Read [...]
By New Context|2019-10-22T14:07:12-07:00September 29th, 2017|Categories: Tips & Tricks|Tags: OASIS, patterning, reference card, STIX, STIX/TAXII|
Indicators are probably the most frequently used object in the STIX 2 data model. At the heart of STIX Indicators is the STIX Patterning Language. STIX Patterning is a powerful tool capable of describing a wide spectrum of malicious attacker behavior in a machine-parsable format suitable for security automation. STIX [...]
By Patrick Ma|2019-11-18T09:11:19-08:00March 1st, 2017|Categories: Articles, Tips & Tricks|Tags: automation, Devops, security, testing|
In this post I'm going to share with you how our teams implement automated vulnerability scanning for our web apps using Arachni and integrating that in to our Continuous Delivery pipeline. In this example we're going to show how we can do this using a Jenkins server, but theoretically anything [...]
By Andrew Storms|2019-10-22T14:07:33-07:00February 10th, 2017|Categories: Articles, Tips & Tricks|Tags: cost-effective, Devops, DevSecOps, Lean Security, security, threat, vulnerability|
For all of its challenges, 2016 was a year of inspiring innovation. SpaceX proved we can have reusable rockets by taking a page from a science fiction book and launching a rocket then landing it vertically on a moving boat. Enter a new era of space travel. Tesla sent all [...]
By Andrew Storms|2016-11-10T22:16:05-08:00November 10th, 2016|Categories: Tips & Tricks, Webinar|Tags: cloud, data, governance, security, webinar|
Experts from New Context and WANdisco joined together to explain the tools and techniques for securely managing big data in hybrid cloud environments. This webinar was held on November 3, 2016 and Attendees learned what's required for effective data governance with the highest levels of availability and performance on-premises and in the [...]
Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
