#securitytipsfordevelopers search results

2/ ...or allowPriviledgeEscalation on your cluster, except you know what you’re doing.' Manasseh Mmadu Site Reliability Engineer, Deimos. #securitytipsfordevelopers #BeCyberSmart #cybersecurityfirst #security

5/ To avoid ugly incidents like this: create dedicated "automation accounts" for CI/CD efforts. These can then be focused on specific regions of the pipelines. See the link below for Gitlab's suggestions: about.gitlab.com/handbook/engin… #cybersecurityfirst #securitytipsfordevelopers ⬇️

4/ or confusing audits because "an x-employee can still do merges", or the worst case: a security breach on the account now requires a massive effort to refactor possible many touchpoints of automation. #cybersecurityfirst #securitytipsfordevelopers ⬇️

2/ But the question of access and integration from these automated systems to the code in the repositories should be considered from a security perspective as well... #cybersecurityfirst #securitytipsfordevelopers ⬇️

1/ CI/CD automation requires a focused effort with potential moving parts pulling from a potentially large collection of repositories. The moving parts are all orchestrated by pipelines running on dedicated build servers... #cybersecurityfirst #securitytipsfordevelopers ⬇️

2/ ...that way, you reduce an attack surface even when one of your credentials is compromised. Manasseh Mmadu Site Reliability Engineer, Deimos. #securitytipsfordevelopers #BeCyberSmart #cybersecurityfirst #docker

2/ ...Hold the images you deploy as safe as possible, manage the automated processes that updates them, control which users can access them. Deen Hans Principal Software Engineer, Deimos. #securitytipsfordevelopers #BeCyberSmart #CybersecurityFirst #docker

3/ Always mount in your SSH keys or pass it in as a secret that the container can use. Hannes van der Westhuyzen Principal Site Reliability Engineer, Deimos. #securitytipsfordevelopers #BeCyberSmart #cybersecurityfirst #docker

The above security tip is from: Deen Hans Principal Software Engineer, Deimos. #securitytipsfordevelopers #BeCyberSmart #cybersecurityfirst

1/ "It doesn't matter how secure your application code in a container is if you don't carefully control access to where and how the containers are published... Andrew Mori Chief Executive Officer, Deimos. #SecurityTipsForDevelopers #BeCyberSmart See more below⬇️

2. Getting more information from your customer is cheaper than having to tell them you leaked their data. Jaco Nel Chief Fire Fighter, Deimos. #SecurityTipsForDevelopers #BeCyberSmart #cybersecurityfirst

1. 'The best way to protect your customer's data is by not storing it at all. Always consider what information your system needs to perform its function. Store what is necessary and ensure it is secured appropriately.' #SecurityTipsForDevelopers #BeCyberSmart #cybersecurityfirst

We need to be proactive in ensuring we place the right amount of effort and emphasis on security. All it takes is the wrong person with the right script to pull down a highly secure system. Oreoluwa Adegbite SRE, Deimos. #SecurityTipsForDevelopers #BeCyberSmart

3. A successful SQLi can inject data into a database (UPDATE, INSERT, DELETE). It can also change permissions on a database and make the attacker an administrator. Michael Lawrence Security Engineer, Deimos #CybersecurityFirst #SecurityTipsForDevelopers

'When using third-party libraries, be extra careful and review the code thoroughly before using it in your app. Even though they are helpful, some libraries are unsafe for your app.' Tolulope Adedoyin Software Engineer, Deimos. #CybersecurityFirst #SecurityTipsForDevelopers

'Be conscious of common security exploits, phishing attempts, and public data breaches. Protect your access. Use 2FA, strong passwords, and password managers.' Michael Lawrence Security Engineer, Deimos. #CybersecurityFirst #SecurityTipsForDevelopers

The rules are simple: Keep It Simple Security. Long Yi Distinguished Site Reliability Engineer, Deimos #CybersecurityAwarenessMonth #DoYourPart #SecurityTipsForDevelopers

A #CloudSecurity Tip for Developers: Always double-check your permissions! 🚦 🔑 Avoid giving excessive access to cloud resources ☁️ ✋ Limit permissions to the bare minimum required for a task ✅ #softwaresecurity #securitytipsfordevelopers

1/ "It doesn't matter how secure your application code in a container is if you don't carefully control access to where and how the containers are published... Andrew Mori Chief Executive Officer, Deimos. #SecurityTipsForDevelopers #BeCyberSmart See more below⬇️

'When using third-party libraries, be extra careful and review the code thoroughly before using it in your app. Even though they are helpful, some libraries are unsafe for your app.' Tolulope Adedoyin Software Engineer, Deimos. #CybersecurityFirst #SecurityTipsForDevelopers

We need to be proactive in ensuring we place the right amount of effort and emphasis on security. All it takes is the wrong person with the right script to pull down a highly secure system. Oreoluwa Adegbite SRE, Deimos. #SecurityTipsForDevelopers #BeCyberSmart

The rules are simple: Keep It Simple Security. Long Yi Distinguished Site Reliability Engineer, Deimos #CybersecurityAwarenessMonth #DoYourPart #SecurityTipsForDevelopers

'Be conscious of common security exploits, phishing attempts, and public data breaches. Protect your access. Use 2FA, strong passwords, and password managers.' Michael Lawrence Security Engineer, Deimos. #CybersecurityFirst #SecurityTipsForDevelopers

1/ CI/CD automation requires a focused effort with potential moving parts pulling from a potentially large collection of repositories. The moving parts are all orchestrated by pipelines running on dedicated build servers... #cybersecurityfirst #securitytipsfordevelopers ⬇️

1. 'The best way to protect your customer's data is by not storing it at all. Always consider what information your system needs to perform its function. Store what is necessary and ensure it is secured appropriately.' #SecurityTipsForDevelopers #BeCyberSmart #cybersecurityfirst