Share this postWeekly InfoSec Updates - Issue #4www.secureallsoftware.comCopy linkFacebookEmailNoteOtherWeekly InfoSec Updates - Issue #4Andreas TiefenthalerNov 01, 2018Share this postWeekly InfoSec Updates - Issue #4www.secureallsoftware.comCopy linkFacebookEmailNoteOtherShareLinksA good overview on what parts of the AWS ecosystem can and should be tested. It also covers the important part of testing in the cloud. An aspect that is often missed.In the previous article in this series Tanya discussed security requirements. When making any product, requirements are a must, and ensuring you have security built into your requirements from the start.The US General Services Administration guide to DevSecOps. A very detailed intro to their way of ensuring security and software development are working aligned. Despite it being a government document it delivers some good value from small to big software companies.Tools and TechWe've compiled over 23 Node.js security best practices (+40 other generic security practices) from all top-ranked articles around the globe. The work here is part of our Node.js best practices GitHub…Awesome Node.js Security resources. A Collection of helpful tools improve the security of your node.js apps. It also covers some great educational resources.WatchAgility is the cornerstone of the DevOps movement, security has been seen as a blocker many times. The step from a DevOps organisation to a DevSecOps is a small, but very powerful one.What is up?December 18-19, 2018 in Israel with a big focus on security and people.November 19-20, 2018 in StockholmNovember 29-30, 2018 in Lisbon, Portugal.