Infrastructure as Code (IaC) is an important part of Cloud Applications. Developers rely on various Static Application Security Testing (SAST) tools to identify security/compliance issues and mitigate these issues early on, before releasing their applications to production. Additionally, SAST tools often provide reporting mechanisms that can help developers verify compliance during security reviews. cdk-nag integrates […]Read More
with Aaron Friedman (Principal PM-T for xGuru services) Amazon CodeGuru is a developer tool that uses machine learning and automated reasoning to catch hard to find defects and security vulnerabilities in application code. The purpose of this blog is to show how new CodeGuru Reviewer features help improve the security posture of your Python applications […]Read More
Learn how to scan Python packages for security vulnerabilities using AWS Developer tools and SnykRead More
DevSecOps software factory implementation can significantly vary depending on the application, infrastructure, architecture, and the services and tools used. In a previous post, I provided an end-to-end DevSecOps pipeline for a three-tier web application deployed with AWS Elastic Beanstalk. The pipeline used cloud-native services along with a few open-source security tools. This solution is similar, […]Read More
Take a Well-Architected approach to make an informed decision when choosing to implement CI/CD using open-source tools on AWS services, using managed AWS services, or a combination of both.
We will look at key considerations for evaluating open-source software and AWS Services using the perspectives of a startup company, and a mature company, as examples. These will give you two very different points of view that you can use to compare to your own organization. To make this investigation easier we will use Continuous Integration (CI) and Continuous Delivery (CD) capabilities as the target of our investigation.
In our next two blog posts we will follow two AWS customers Iponweb and BigHat Biosciences as they share their CI/CD journeys, their perspective, the decisions they made, and why.
To end the series, we will explore an example reference architecture showing the benefits AWS provides regardless of your emphasis on open source tools or managed AWS services.Read More
Security and compliance standards are of paramount importance for organizations in many industries. There is a growing need to seamlessly integrate these standards in an application release cycle. From a DevOps standpoint, an application can be subject to these standards during two phases: Pre-deployment – Standards are enforced in an application deployment pipeline prior to […]Read More
Amazon CodeGuru is a developer tool that provides intelligent recommendations for improving code quality and identifies an application’s most expensive lines of code. To help you find and remediate potential security issues in your code, Amazon CodeGuru Reviewer now includes an expanded set of security detectors. In this post, we discuss the new types of […]Read More
This post was contributed by James Bland, Sr. Partner Solutions Architect, AWS, Jay Yeras, Head of Cloud and Cloud Native Solution Architecture, Snyk, and Venkat Subramanian, Group Product Manager, Bitbucket One of our goals at Atlassian is to make the software delivery and development process easier. This post explains how you can set up […]Read More
The majority of companies have embraced open-source software (OSS) at an accelerated rate even when building proprietary applications. Some of the obvious benefits for this shift include transparency, cost, flexibility, and a faster time to market. Snyk’s unique combination of developer-first tooling and best in class security depth enables businesses to easily build security into […]Read More
There are multiple ways you can protect your data while it is in transit and at rest. You can protect your data in transit by using SSL or by using client-side encryption. AWS Key Management Service (AWS KMS) is a managed service that makes it easy for you to create, control, rotate, and use your encryption […]Read More