Deepfactor

▶️ Read the newest blog from Deepfactor CTO Mike Larkin. In it he discusses the latest OpenSSH security issue— regreSSHion — and covers: 🔸"Yes, and..." —patching is critically important but there's more 🔸 How runtime reachability/SCA can help determine if certain code is even being used 🔸 The right questions to ask (and answer) See comments for link. #CTO #SCA #regreSSHion

✅ The answer to our Deep Hack of the week has been revealed... 🔥 If you answered False, then you are correct! 👉 If you want to view an explanation for this Deep Hack, check out the link in the comments. Come back next week for a new Deep Hack to test your developer security knowledge! #DeepHack #AppSec #Security

🚨Back with our Deep Hack of the week... Do you know the answer? Comment your guesses below! Tune in every week and test your developer security knowledge with our weekly Deep Hacks. #DeepHack #DeveloperSecurity #AppSec

🚀 Boost Your Kubernetes Security! 🛡️ Example: Easily search your Kubernetes cluster to identify and address the 4 containers that: - Have critical CVEs - Have EPSS score > 10% - Are listed in CISA's Known Exploited Vulnerabilities (KEV) - And are reachable at runtime! 👉 Request a demo today to see how Deepfactor can help you do this! https://hubs.la/Q02DCdVj0 #K8s #ContainerSecurity #DevSecOps

#ICYMI - a deep dive into the Deepfactor platform, delivered by our eng team—on how you can now prioritize the highest-risk vulns that need to be addressed NOW. Watch on-demand. #AppSec #SCA #SoftwareCompositionAnalysis #ApplicationSecurity

✅ The answer to our Deep Hack of the week has been revealed... 🔥 If you answered B) To coordinate the disclosure of software vulnerabilities to affected parties, then you are correct! 👉 If you want to view an explanation for this Deep Hack, check out the link in the comments. Come back next week for a new Deep Hack to test your developer security knowledge! #DeepHack #AppSec #Security

🚨Back with our Deep Hack of the week... Do you know the answer? Comment your guesses below! Tune in every week and test your developer security knowledge with our weekly Deep Hacks. #DeepHack #DeveloperSecurity #AppSec

🔍 Discover and manage your container vulnerabilities! With Deepfactor's Next-Gen SCA, you can easily identify reachable, exploitable, and vulnerable dependencies within your OS packages and all dependencies. Our Runtime SCA and SBOM feature provides comprehensive insights into your application's security posture. 👉 Request a demo today to see how Deepfactor can enhance your application security. Link in comments. #SCA #AppSec #ApplicationSecurity

☑️ Check out our latest blog, by Rajakumar Muthukumarasamy. "Optimizing SCA Use in CI Pipelines for Advanced DevSecOps" covers: 🔸 Importance of software composition analysis in CI pipeline security integration 🔸 Benefits of integrating security into CI/CD processes 🔸 Ensuring long-term successful integration of SCA tools 🔸 How to use Deepfactor in your CI pipeline https://hubs.la/Q02Cf56r0 #DevSecOps #CIPipeline #SCA

7 years ago, Farshad Abasi and I talked about holding an AppSec conference in Vancouver and we talked about transforming Vancouver into an Application Security hub. It has been a wild ride, but Vancouver is slowly becoming a powerhouse in the Security space and we have a many great Application Security practitioners. This past weekend, we hosted nearly 300 people for our very first Application Security conference and it was amazing. We had a number of great talks and workshops and the speakers literally came from all around the world to speak at our conference. I wanted to thank the organizers, speakers, sponsors and the countless volunteers that helped put this event together. A special shout out to Farshad Abasi, Dana Epp, Brian M., Keri Kusznir, Kendra Ash, Ben Gibbs, Manoj Prasad, Roberto Salgado and Bhawandeep Kambo for being a part of the organizing committee and their hard work for the past year to make this event a success. Thank you to our main speakers E Coleen and Jason Haddix. A special thank you to Tanya Janca and Brandon Wu that stepped up last minute when we had workshop challenges. Finally a special thank you to our sponsors Deepfactor, Endor Labs, EdgeBit, OX Security, GitHub, Websec, Kodem, IriusRisk, Eureka DevSecOps, Apiiro, PentesterLab, HackerOne and Qwiet AI. There are so, so, so many more folks to thank. Thank you all, we couldn't have done this without you. See you all in Seattle next year!