The PII Testing Dilemma
Software engineering leaders, platform leaders, and AI/ML leaders responsible for release velocity, quality, and risk management.
Operations | Monitoring | ITSM | DevOps | Cloud
The Place Where Modern Operations & Technology Come Together
The latest News and Information on CyberSecurity for Applications, Services and Infrastructure, and related technologies.
Certificate permissions with CertKit Applications
When you’re managing a handful of certificates, one big list works fine. Add a few dozen more and things get messy. Add multiple teams or projects and you’ve got a problem. Who should have access to the production certificates? What about staging? Does the contractor working on the marketing site really need to see your internal infrastructure? CertKit now supports multiple applications from our roadmap to help you sort this out.
Top API Auth Mistakes (JWT, OAuth, keys)
APIs are the connective tissue of the modern digital world. They power our mobile apps, enable microservices to communicate, and connect us to third-party data. But this central role also makes them a prime target for attackers. While we build powerful functionalities, it's often the simplest oversights in authentication that leave the front door wide open.
Evidence, Not Screenshots. How Teams Stay Always Audit-Ready in ServiceNow
In regulated environments, slow change is often blamed on process. Too many approvals. Too much governance. Too much red tape. But in reality, most delays are not caused by regulation itself. They are caused by missing, fragmented, or untrusted evidence. Screenshots pasted into tickets. Proof assembled weeks later. Approvals stalled because no one can confidently say whether a change actually meets policy. When evidence is an afterthought, compliance turns into chaos.
Evidence, Not Screenshots
In regulated environments, slow change is often blamed on process. In reality, it’s caused by missing, fragmented, or untrusted proof. Screenshots. Tickets. Manual approvals. Evidence assembled after the fact. In this video, we show what changes when compliance policies are embedded directly into release workflows — and when immutable, machine-readable evidence is captured automatically across CI/CD.
ServiceNow Without the Ticket Hell
ServiceNow is the system of record for change and approvals in most regulated enterprises. But when evidence lives elsewhere — scattered across CI tools, scanners, tickets, and screenshots — approvals slow down and audits become painful. Developers waste hours chasing proof. CABs approve changes without confidence. Auditors reconstruct history months later. In this video, Matt Bailey shows what changes when evidence is produced continuously, directly from the delivery pipeline, and linked into ServiceNow workflows.
Delegated DNS validation: proving domain ownership without exposing credentials
It seems like every service wants proof you control your domain. Certificate authorities need it to issue certificates. Email platforms need it to authorize sending. Analytics needs it to gather data. Just add this magic TXT record to your DNS, wait for propagation, click verify. It works fine when it’s a one-time setup, but certificate lifetimes are dropping to 47 days, and you won’t be able to keep up on that schedule.
Ingress NGINX Project Is Retiring: A Step-by-Step Guide to Replacing the Ingress NGINX Controller
The Ingress NGINX Controller is approaching retirement, and teams need a clear path forward to manage Kubernetes ingress traffic securely and reliably. To make this transition easier, we’ve created a single, curated hub with all the relevant blogs and webinars. This hub serves as your one-stop resource for understanding the migration to Kubernetes Gateway API with Calico Ingress Gateway.
ServiceNow Without the Ticket Hell
ServiceNow is the system of record for change and approvals in most regulated enterprises. And yet, for many teams, it has become the place where delivery slows to a crawl. Not because ServiceNow is broken. But because the evidence model underneath it is. Developers ship fast through modern CI/CD pipelines, automated tests, and security scans, only to hit a wall when changes reach approval. Tickets bounce back. Evidence is questioned. Screenshots do not tell the full story. CABs hesitate. Releases wait.
What is a Scam Checker and How Can It Protect You Online?
Here's something that should worry you: online scams are evolving faster than ever before. We're not talking about clumsy Nigerian prince emails anymore. Last year, Americans handed over billions to digital con artists, and those figures? They're accelerating at an alarming rate. The truly frustrating part is that most people only discover they've been victimized after the damage is done.