Security Updates of for the week - Issue
Malicous eslint packages
Leaked credentials and insecure account management allowed two widely used npm packages to be compromised. Npm revoked all access access tokens issued before 2018-07-12 12:30 UTC.
The squreen DevSecOps Security Checklist
A great checklist to go trough before launching any service to a wider audience.
Serverless Security Adoption
Serverless is changing from a buzzword to reality. How do existing security best practices apply here? Is the security community fast enough to support this developments?
Shift left...
The push to the left is the latest hype in the infosec world, however many see it as a problem. Security teams do not necessarily have the necessary agile mindset, and quite often tend to slow things down before they even started.
>50:1 developers to security engineer
A good overview on how security teams in big companies run and self organise. It contains tips and tricks fro companies of all stages. The talk was given at OWASP AppSec 2018 by Clint Gibler