Threat Hunting with Cloud SIEM
Threat hunting is emerging as a must-have addition to cybersecurity strategies. By enabling organizations to find and mitigate threats before ..
Top 5 Cybersecurity Tools For A Work-From-Home World
Cybersecurity tools have become more important than ever. For many organizations, COVID made their workplace perimeter-less for the first ..
Kubernetes Container Registry and Image Scanning
If you’ve been investigating Kubernetes – or any container management system – you might have come across references to an image registry. ..
Python For CyberSecurity Testing
One of the factors that attract engineers to a career in CyberSecurity is the continually evolving landscape and toolsets. CyberSecurity ..
Building a Security-Centric Culture for Kube-Native Environments
Just as DevOps ultimately boils down to culture rather than specific tools, effective IT security also rests upon a culture that prioritizes security across application environments as well as all stages of the delivery chain.
Why Workload Security Is Not Just for IT Anymore
Once upon a time, workload security (which means making sure an application and its environment are configured and deployed securely) was something ..
Container Security Considerations for Today
Docker has been around for six years. In that time, lots of ink has been spilled (or pixels fired) about container security. A lot of the articles ..
Beyond App Security: Securing Applications No Matter Where They Live
It’s 2019. Do you know where your applications are?* Probably not. Today’s applications don’t live in static, isolated server environments ..
Understanding Different Types of Security Tests
It’s common to hear people talk about “security testing” as if it is a singular, monolithic thing. If you actually do security testing, ..
The Evolution of Container Security, 2013-Today
In the early days of Docker, container security solutions were pretty primitive. But as containers have grown in popularity and gained a massive ..
Cybersecurity executive order targets two common attack vectors
Last week, the Administration released an Executive Order (EO) on “Strengthening the Cybersecurity of Federal Networks and Critical Infrastructure.” ..
IAM Roundup: AWS vs. Azure vs. GCP
Every major cloud provider has some form of Identity and Access Management (IAM) that is used to secure resources within their platform. ..
What Service Meshes Mean for Enterprise Security
Service mesh: Heard of them? By now, you may have. Service mesh is becoming an increasingly important part of the container conversation. ..
Securing your CoreOS Container
f you are reading this, you probably know about CoreOS and what it does. And you may be looking for a way to improve the security of your ..
The Container Security Journey
How do you transition from just running containers to running containers securely? Below, I reflect on my personal experience learning to secure ..
Guide to Swarm Security
Docker Swarm is a container orchestration tool that manages a cluster of Docker Engines, which in turn runs a group of Docker containers. ..
A Checklist for DevSecOps When Choosing a Container Security Provider
If there was ever a time when integrating security into DevOps was strictly optional, that time is long past. These days, it’s a necessity. DevOps ..
Using Containers to Mitigate DDoS Attacks
Containers can be an excellent mechanism for mitigating Distributed Denial of Service (DDoS) attacks. However, discussions around the subject ..
Container Image Security Best Practices
Container images make application deployment easy and convenient. But alongside ease and convenience, you also need security. This is why container ..
To Secure Containers, Focus on the Applications
Traditionally, discussions of IT security have focused largely on the network with less planning put into application security. Organizations ..