DEVOPS digest – “Shift Left” has become an ever-present meme amongst DevOps and the security folk concerned about or working with DevOps. To “shift left” means to attend to something as early in development as possible, based on the assumption of left-to-right mapping of development activities.

Dark Reading – As nation-states and rogue actors increasingly probe critical infrastructure, policy and technology experts worry that satellite and space systems are on the front lines.

GeekWire – How can banks innovate and take risks without losing the trust of customers or running afoul of regulators? That’s one of the weighty questions being pondered this week inside JPMorgan Chase, as employees around the world prepare for the financial services giant’s annual companywide hackathon. Employees participating in the event are thinking not just about the cool stuff they could build but also about the impact their projects could have — positive or negative — if they’re ultimately adopted by the company.

BBC News – A Florida town has decided to pay malicious hackers $600,000 (£475,000) to get its computers working again. Municipal computers for Riviera Beach, a suburb of Palm Beach, were rendered unusable by the ransomware attack. The virus disabled email, hit emergency response systems and forced staff to use paper-based admin systems. The local council for the community of 35,000 people voted to pay off the hackers after employing cyber-security consultants to investigate.

Intelligent CISO – The global market for drones is expected to grow 36% a year between 2018 and 2022, according to analysts. But cybersecurity expert IOActive has warned this increase will create a range of new risks. IOActive cautions that if the commercial market for drones is left unchecked then we could start to see drones being weaponised, presenting potential hazards to public safety.

SD Times – Apple is changing its requirements for applications on its App Store to protect user data. Apps in the kids category, VPNs, health or fitness apps will no longer transmit data to third parties and MDM apps, and other apps can only collect data after requesting permission from the user. Additionally, apps in the kids category and apps directed at kids can’t include third-party advertising or analytics software.

DEVOPSdigest – IOActive is joining forces with Bugcrowd, a crowdsourced security company, to provide full-stack continuous testing options across all industries and key verticals, including healthcare, retail, financial services, transportation, technology and government. This partnership aligns with both companies’ commitment to bring robust security solutions to each other’s growing customer base, including crowdsourced bug bounty and vulnerability disclosure programs, full-stack assessments and continuous testing.

Security Boulevard – IOActive, Inc., the worldwide leader in research-fueled security services, today announced that it is joining forces with Bugcrowd, the #1 crowdsourced security company, to provide full-stack continuous testing options across all industries and key verticals, including healthcare, retail, financial services, transportation, technology and government.

The Cyberwire – In an 8-k filed this week with the US Securities and Exchange Commission, the large medical testing firm Quest Diagnostics disclosed that American Medical Collection Agency (AMCA), a third-party collection services firm, notified Quest that AMCA had detected unauthorized activity in its network. As reported by TechCrunch and others, the breach appears to have affected nearly 12 million people. IOActive and Bugcrowd partnership release.

MSSP Alert – Each business day, MSSP Alert broadcasts a quick lineup of news, analysis and chatter from across the security services ecosystem. The Content: Written for MSSPs, SOC as a Service (SOCaaS), Managed Detection and Response (MDR) and MSP security providers — and those who need to partner up with such companies.