Vendor Deep Dives

Announcing OpenGrep

And the importance of a commoditized SAST

Jan 23 •

Wiz Defend-ing Their Flank

An early preview of Wiz Defend, and the next 5 years of runtime focused CNAPP

Dec 4, 2024 •

Comparing Static and Runtime Reachability

Revealing the pros and cons of two emerging types of reachability

Oct 31, 2024 •

Why and How to Implement Seccomp Policies

Explaining the use cases and how to implement an under-discussed Kubernetes feature

Oct 10, 2024 •

What do I think about Wiz Code?

Answering my most received question from the last 2 weeks

Oct 3, 2024 •

Comparing Aikido and Snyk for SCA Scanning

A small step towards total market coverage

Sep 24, 2024 •

Vulnerability Management Part 1 - Assets and Fixes

A three part series detailing what data is helpful for operationalizing vulnerability management (1/3)

Sep 17, 2024 •

Defining Reachability - is it just hype?

(1/3) Exploring what's been up with reachability since our last talk about it

Sep 4, 2024 •

How Container Vulns Get Fixed

Walking through the process of fixing container vulnerabilities

Aug 15, 2024 •

And other realities from last week's fundraising

Jul 30, 2024 •

The Kubernetes Gap in CNAPP

Exploring why many CNAPPs have a Kubernetes gap

Jul 2, 2024 •

#nojs-banner { position: fixed; bottom: 0; left: 0; padding: 16px 16px 16px 32px; width: 100%; box-sizing: border-box; background: red; color: white; font-family: -apple-system, "Segoe UI", Roboto, Helvetica, Arial, sans-serif, "Apple Color Emoji", "Segoe UI Emoji", "Segoe UI Symbol"; font-size: 13px; line-height: 13px; } #nojs-banner a { color: inherit; text-decoration: underline; } This site requires JavaScript to run correctly. Please turn on JavaScript or unblock scripts