OpenSSL 3.0 Critical Vulnerabilities: Should You be Spooked?

By: Sarabjeet Chugh
Nov 1 2022

Don’t be. Act now—use Panoptica to scan for OpenSSL vulnerabilities for free. On November 1, the OpenSSL Project team released a critical patch for OpenSSL 3.0. The patch—OpenSSL 3.0.7—will fix this vulnerability in the library affecting ...

Speed Versus Security: Tackling the “Developer’s Dilemma”

By: Rami H.
Sep 19 2022

Today’s developer just can’t win. It’s a continuous tug of war between business objectives—the boss who wants releases “faster, faster, faster!” and the security team, who keeps halting releases because of insecure code—with the develo...

Securing Serverless Applications Against the Most Critical Risks

By: Sarabjeet Chugh
Sep 19 2022

If you’re a developer working in a cloud environment, there’s a good chance that you’ve either started thinking about serverless computing or have already started to deploy it. And why not? Unlike VMs or container clusters, serverless function...

How Panoptica Secures GitOps to Protect CI/CD Pipeline Tools

By: Tomer Dvir
Jun 8 2022

If you work in software development or IT, you’ve likely heard about – and perhaps are even practicing – GitOps, the latest, greatest way to accelerate software delivery. GitOps uses Git, the version control system, to centralize and stan...

Seeing the Unseen: Gaining Visibility into API Payload Encryption

By: Alessandro Duminuco
Jun 7 2022

When it comes to API security, end-to-end encryption presents something of a paradox. On one hand, encryption secures the data that is exchanged during transactions. This is, of course, a good thing. But there’s a drawback: When you use end-...

Introducing Panoptica, The Cisco Secure Application Cloud

By: Rich Gold
May 19 2022

Enabling DevSecops for cloud native applications through security automation “From the acquisition of Portshift, the Cisco Emerging Technology and Incubation team has been on a mission to enable secure software development for cl...

Cisco ET&I & Cloud Native Security – Pushing boundaries & making bold bets

By: Ran Ilany
Feb 7 2022

Successful enterprises are good at what they do – so good, in fact, that it can become difficult for them to embrace new ideas. Instead, many choose to rest on the laurels of their existing products and services – Usually their successful produc...

Everything DevOps need to know about the NSA’s Kubernetes Security Guidance

By: Alexei Kravtsov
Nov 30 2021

Kubernetes security is a complex topic. So complex that the National Security Agency recently issued a 59-page guidance document on Kubernetes security hardening. Yet, when you boil this advice down, you’ll find that most sources of c...

Leveraging Gitops to Deploy Cloud Native Security

By: Tomer Dvir
Nov 8 2021

GitOps is increasingly popular among developers as it accelerates development, but as security requirements grow, a new approach is needed. GitOps security needs to shift left. Here’s how to secure your GitOps repository. GitOps is gaining trac...

The 3 Pillars of API Security: Visibility, Risk Scoring & Enforcement

By: Alessandro Duminuco
Oct 20 2021

You can’t secure what you can’t see. APIs are no exception. Whether your application uses internal APIs to manage interactions between microservices, external APIs to integrate with third-party services, or both, you need to be able to visual...