/Security

How To Prevent Secrets From Ending Up On Developer's Machines

- Ryan Blunden tl;dr: Even with environment variable storage offered by modern hosting platforms and secrets managers provided by every cloud, developer's machines are still littered with secrets in unencrypted text files because local development was left out of the picture. Learn how to prevent secrets from ending up on developer's machines.

featured in #345


Understanding The Value Of SOC 2 Compliance For Your Company

tl;dr: Being asked to prove your company’s security is a common blocker in getting your sales deals moving. But with the right perspective, this obstacle can be turned into a competitive advantage. Read the blog to learn more!

featured in #344


How To Access Infrastructure Without Usernames And Passwords

- Ev Kontsevoy tl;dr: Eliminate passwords and other static credentials like SSH keys from your infrastructure, making it more secure, scalable, and easier to use. Stolen credentials are the #1 cause of data breaches — open-source Teleport makes it easy to ditch secrets and embrace identity. Learn more.

featured in #343


How Engineers Can Tackle Data Privacy And Security

tl;dr: What can engineers do to stay on top of privacy? Most startups are not going to have a dedicated in-house privacy expert at their disposal. Learn how engineers can stay secure while growing a team and a product in Vanta’s recent blog.

featured in #342


How To Access Infrastructure Without Usernames And Passwords

- Ev Kontsevoy tl;dr: Teleport 10 introduces Passwordless Access. Eliminate passwords and other static credentials like SSH keys from your infrastructure, making it more secure, scalable, and easier to use. Stolen credentials are the #1 cause of data breaches — Teleport 10 makes it easy to ditch the secrets and embrace identity. Learn more.

featured in #338


How To Prevent Secrets From Ending Up On Developer's Machines

- Ryan Blunden tl;dr: Even with environment variable storage offered by modern hosting platforms and secrets managers provided by every cloud, developer's machines are still littered with secrets in unencrypted text files because local development was left out of the picture. Learn how to prevent secrets from ending up on developer's machines.

featured in #336


I've Locked Myself Out Of My Digital Life

- Terence Eden tl;dr: "Imagine… last night, lightning struck our house and burned it down. I escaped wearing only my nightclothes. In an instant, everything was vaporised. Laptop? Cinders. Phone? Ashes. Home server? A smouldering wreck. Yubikey? A charred chunk of gristle. This presents something of a problem." Terence discusses the issues with 2FA, especially when "when things are secured by an unassailable algorithm" instead of a human.

featured in #330


Cloudflare Mitigates 26 million Request Per Second DDoS Attack

- Omer Yoachimik tl;dr: "The 26M rps DDoS attack originated from a small but powerful botnet of 5,067 devices. On average, each node generated approximately 5,200 rps at peak. To contrast the size of this botnet, we’ve been tracking another much larger but less powerful botnet of over 730,000 devices."

featured in #326


The State of Startup Security Report 2022

tl;dr: Vanta asked startups to honestly and anonymously answer questions about their security posture, their security roadmap, and how satisfied they are with their security in general. Over 500 people took part in our survey and we break down the results in our first annual State of Startup Security Report. Want to learn more? See the data for yourself in the State of Startup Security Report 2022.

featured in #325


Proving Security Just Got Easier With The Vanta Trust Report

tl;dr: Proactively demonstrate your commitment to security, externally and in real-time with the Vanta Trust Report. Vanta Trust Reports showcase first-party data in an easy-to-understand dashboard, alongside commonly requested security documents, certifications, reports, and more, to create a single source of truth for your security and compliance.

featured in #323