SBOM: the 1st Step Towards Defending Against SW Supply Chain Attacks
What is an SBOM? A Software Bill of Materials, commonly referred to as SBOM, is a list of all components—including proprietary, open source, and 3rd party— in a…
Read More >
How Engineering Teams Go From Good to Great with Runtime Observability
Have you ever contemplated why some teams, whether they are sports teams or business teams or any kind of team, move from good to great? Is it luck or conscious…
Read More >
Why aren’t developers rushing to use observability?
Are there no observability tools purpose-built for developers? When meeting with our customers’ dev teams, I'm continually amazed that basically nobody I talk with needs much selling on the reasons…
Read More >
You can’t spot all vulnerabilities with only static code scans!
A static code scanner is not sufficient in today’s DevOps-microservices-containers-world. You need RUNTIME observability into the application’s security, privacy, and compliance. Developers need to know if their code or a…
Read More >
With the pressure to release fast, how in the world can developers ensure they’re releasing secure code with no known vulnerabilities???
With today's modern apps, developers cannot be expected to keep abreast of all findings in the security space and go over source code of all dependencies to see if there…
Read More >
DeepFactor’s Key Take-Aways from DeveloperWeek 2021
About DeveloperWeek Each year, 8,000+ developers, engineers, software architects, dev teams, managers and executives from 70+ countries gather for DeveloperWeek (conducted Feb 17-19, 2021) to discover the latest in developer technologies,…
Read More >
DeepFactor Launches Observability-as-Code
Integrate Security Observability into CI Pipelines What’s the big news? DeepFactor launches Observability-as-Code with it’s latest product release v1.5. Similar to how ‘Infrastructure-as-Code’ enables DevOps engineers to orchestrate infrastructure using…
Read More >
How to detect code execution risks in your app by observing millions of live telemetry events
Detecting and remediating code execution risks is a key aspect of shipping secure applications, but several of these risks aren’t detected by SAST or DAST tools. What do you…
Read More >
So you think you know the behavior of your containers? Would you stake your job on it?
WEBINAR: January 26th @11:00a.m. PT You’ve developed a fabulous application in a container/ Kubernetes Continuous Integration (CI) pipeline. The application works as it should, and the static scans look secure...…
Read More >
DAST & Observability: Made For Each Other!
DeepFactor seamlessly integrates Continuous Observability and OWASP ZAP to deliver powerful runtime security insights to developers. If you are thinking about only using a dynamic application security testing (DAST) tool…
Read More >
DeepFactor + CircleCI: Supercharging Continuous Integration with Continuous Observability
Meet the newest orb in the CircleCI ecosystem: DeepFactor! DeepFactor delivers continuous observability for DevSecOps, enabling developers to rapidly find and triage runtime Security, Privacy, and Compliance risks in…
Read More >
[Webinar] Why is observability critical in your DevSecOps pipeline?
With Continuous Observability, developers can find and triage runtime security, compliance, and privacy risks within the DevOps pipeline while the application security team can set guardrails, receive alerts, and…
Read More >