Video Hub

Secure Kubernetes Workloads with OpsMx Delivery Shield & KubeScape | Kubernetes Security

OpsMx’s Delivery Shield integrates with KubeScape to consolidate Kubernetes security posture data and enforce policies to strengthen pod security.

Managing Open Source Risks with OpsMx Delivery Shield: SBOM & Global Risk Management

OpsMx’s Delivery Shield uses a SBOM and native capabilities of a Global Risk Management Tool to manage the risks and licensing issues associated with using open source code.

Secrets Scanning with OpsMx Delivery Shield | Block Deployments with Sensitive Information

OpsMx’s Delivery Shield integrates natively with Trivy (open source scanner) to detect Secrets exposed in source code and container images and block critical deployments.

What is a DeliveryBOM? | Software Delivery Bill of Materials | SBOM

OpsMx DeliveryBOM enhances SBOM by tracking security posture from build to deployment, ensuring compliance, transparency, and end-to-end lifecycle visibility.

Prioritization Strategies for Effectively Managing CVE risks | OpsMx Delivery Shield

While managing production vulnerabilities may seem daunting, a solid strategy can help you prioritize them and focus on what matters most.

Jenkins Continuous Security Monitoring & Automated Risk Assessment

Leveraging continuous security monitoring and automated risk assessment to automate security workflows in a Jenkins environment.

Practical Steps for Securing CI/CD Pipelines | Secure Software Delivery

Here are some actionable steps to secure CI/CD Pipelines in order to help you maintain a robust software delivery process.

Overview of the CI/CD Softspots targeted by Threat Actors in the Pipeline

Threat actors have now moved on to attacking other parts of the CI/CD pipeline besides production systems. Get an overview of the places they now commonly target.

NSA and CISA recommendations to reduce the attack surface and fortify CI/CD pipelines

NSA and CISA recommendations to reduce the attack surface and fortify CI/CD pipelines

Securing GitOps (Argo) pipeline with Delivery Shield

Learn how Delivery Shield triggers automated security scans for every new build in GitOps deployments.

Jenkins Top 10 Security soft-spots | CI/CD Security Gaps | Jenkins security vulnerabilities

Weak authentication, plugin vulnerabilities, and insecure configurations are among the top 10 Jenkins security soft-spots. Learn more.

Understanding Security soft-spots of Jenkins | Importance of Jenkins security advisory

In SDLC, Jenkins and the entire Build process has become an easy cybersecurity attack surface. Learn why it must be secured.

Why does Jenkins make the Software Supply Chain vulnerable? | Jenkins security soft spots

Even though Jenkins is incredibly flexible, it introduces security risks, making the Software Supply Chain vulnerable to external and internal threats.

Unifying Security Management in SDLC: Challenges and Considerations

Discover the key factors to consider when choosing AppSec tools for your SDLC

The need for End-to-End Application Security Posture in SDLC

Discover the various attack vectors that threat actors can exploit in SDLC and why end-to-end application security posture management is key.

Why Secure the SDLC with Open Source Software and simplify Application Security

This video explores why you need to secure your SDLC and the role Open Source tools play a key role in ensuring Application Security.

Global View Of Application Security Program & Actionable Intelligence by OpsMx Delivery Shield

Explore how a security leader can get insights into AppSec posture (visibility, reporting, and monitoring data across SDLC stages.

Vulnerability Management by OpsMx Delivery Shield

Demo of OpsMx’s Delivery Shield aggregating data from different sources, correlating, prioritizing and remediating vulnerabilities.

Attack Surface, Vulnerability Detection and Automated Actions using OpsMx Delivery Shield

Explained! How Delivery Shield enforces policies to prevent vulnerabilities from entering across SDLC stages (code/build/artifact/deploy).

Policy and Security Frameworks Supported by OpsMx Delivery Shield

The flexibility of Policy enforcement agents to customize policies, and tailor severity levels to specific security needs, explained!

Using CD Events to Capture End to End Application Security Posture

The talk underscores CD Events' crucial role in a proactive,integrated security approach throughout the software delivery lifecycle.

AppSec Challenge #4: Identifying & managing Security Vulnerabilities | Exception Management

Identifying the severity level of threats and how relevant it is for different Application teams is an actual AppSec problem at large enterprises.

AppSec Challenge #3: Understanding and Visualizing your SDLC Security Posture

Large enterprises struggle to get complete visibility into their SDLC security posture, making it difficult to implement an effective ASPM program.

AppSec Challenge #2: Gathering and synthesizing data from across the entire DevOps toolchain

Automating data collection and synthesis is key to a healthy AppSec posture. This video explains the challenge and solution to this process.

AppSec Challenge #1: Securing the End-to-End Software Delivery Process

Attacks are no longer just restricted to code; the attack surface can be anywhere across the entire SDLC, making end-to-end visibility essential.

Why is the D-BOM (Delivery Bill of Materials) a game changer for AppSec and DevSecOps teams

OpsMx’s D-BOM, is a game-changer for DevSecOps and AppSec teams trying to ensure policy compliance at scale. Learn how it automates deployment checks & validates builds.

Say goodbye to Audit nightmares with OpsMx’s Audit & Traceability features

Streamlined Audit reporting allows you to anticipate problems/risks, improves SDLC decision making and reduces time to investigate incidents. Learn how to transform audit nightmares into a good night's sleep.

Why ‘Security’ should not stop at build and extend through to ‘Deployment’

A poor security posture during the ‘build’ or ‘code commit’ stage could lead to a critical security threat by the time it gets deployed to prod. Ensuring image and artifact provenance is imperative.

Role of Security Guardrails & Automated Validations in Shift-left Security | DevOps Security

OpsMx experts explain why enforcing security guardrails and automated validations are the means to ensure compliant deployments. Listen to them explain why this is fundamental to ‘Shift-Left Security’.

Stick with what works – Guiding principles for Secure CI CD with OpsMx

Adapting to security threats without disrupting your existing CI/CD processes can be a challenge. OpsMx experts discuss how to enhance security while keeping your tried-and-true delivery and deployment process intact.

Retain Jenkins for CI, but improve security with other CD tools

OpsMx experts, Bob and David discuss how you can maximize Jenkins' potential and ensure its security. If you've invested time in Jenkins, let OpsMx help you make it even better!

Beyond the Build: Threat Actors & Battling CI/CD Blindspots

OpsMx experts discuss: Going beyond the build, how secure is your CI/CD process? From the inception of code to production, understanding end-to-end security is paramount.

Manual Approvals slowing down your DevOps pipelines?

Are ‘Manual’ approvals slowing down your DevOps? Learn how automated policy enforcement paves the way to break free from the DevOps bottlenecks from OpsMx experts!

Elevating ASPM with Real-time Monitoring for Dynamic Software Security

Monitoring for security threats in real-time is key if you are to maximize ASPM efforts. Watch this video to understand the importance of continuous monitoring.

Maximizing Deployment Security: A guide to exercise Security Controls and Best Practices

The ‘deployment’ phase can act as a key point of control to enforce security standards. Watch the video to learn more.

Integrating ASPM practices into Open Software Delivery (OpenCD) architecture

The most effective strategy to scale CD workflows in the long run, is to use open source tooling and integrate AppSec practices with open source tools. Learn more.

What is ASPM? (Application Security Posture Management) – Overview and Strategies of ASPM

ASPM is the process of analyzing security signals across the entire SDLC to understand application health, improve service visibility, and manage vulnerabilities.

OpsMx Spinnaker Open CD Architecture : Unified CD with DevOps Integrations

Spinnaker is a key component of an OpenCD Architecture. OpsMx enhances Spinnaker’s capabilities by focusing on security, visibility & delivery intelligence.

Enhanced Spinnaker Security/Security Update: UBI8 & Governance

Spinnaker is building a secure foundation for software delivery, and can be used in the deployment process to exercise security controls in the SDLC.

Spinnaker Metrics & Dashboard: Optimizing Continuous Delivery

Spinnaker's advanced metrics and dashboards offer unprecedented visibility into the release process ensuring efficient and scalable deployments.

Enhancing Spinnaker Usability: Kubernetes API Checks & More

Contributions from active users is what’s helping Spinnaker become a reliable and secure platform for deployments and a more user-friendly DevOps tool.

Optimizing Spinnaker: Enhancing Performance & Storage Integration

Spinnaker is very scalable thanks to its support for multi cloud deployments, ease to use for smaller deployments and efficiency during large-scale operations.

The Power of Spinnaker Community and Support

Thanks to frequent contributions from the open source community, Spinnaker not only sees performance improvements, but also security enhancements.

Power of Spinnaker – A Continuous Delivery (CD) Tool

Spinnaker is the most popular tool for CD. Originally developed by Netflix and later open sourced, teams around the world use it to automate software delivery.