Cybersecurity continues to be a thorny problem for businesses and government agencies as breaches, disruptions, and data thefts continue to escalate. To help ensure that the growing number of government and private organizations implementing Kubernetes solutions have the highest possible levels of security, the National Security Agency (NSA) and Cybersecurity and Infrastructure Security Agency (CISA) have issued guidelines for hardening the security of Kubernetes implementations.

Multi-Factor Authentication (MFA) provides an enhanced security mechanism for your entire organization by requiring multiple methods of authentication credentials. Using traditionally managed passwords for accessing your apps, services, and networks is no longer a secure methodology. Indeed, cyber threats are on the rise. Hackers today employ sophisticated techniques such as spear-phishing or pharming to gain unauthorized access to corporate accounts.

This article explores how to secure production Kubernetes clusters with the help of open source tools. As a prerequisite, you’ll need to have basic beginner-level knowledge of Docker and Kubernetes. In a nutshell, Kubernetes is a container orchestration tool and Docker is a containerization platform. Some of the most famous Kubernetes clusters managed by cloud providers include AWS EKS, Azure AKS, and Google CKE.

We’ve said it before, and we’ll say it again: Security Orchestration, Automation and Response (SOAR) platforms are great tools for helping teams work smarter, faster, and more efficiently against security risks. But, used on their own, SOARs are far from perfect for meeting the full security needs of the modern organization.

The Project Calico community is one of the most collaborative and supportive communities in the open-source space. Our community has shown great engagement through the years, which has helped us maintain and grow the project. Thanks to our 200+ contributors from all over the world, Calico Open Source (the solution born out of the project) is powering 1.5M+ nodes daily across 166 countries.

AWS announced CloudTrail Lake on January 5th, 2022, as a fully-managed solution for storing and querying CloudTrail logs. At first glance, it is straightforward to set up, can be enabled for all your organization’s accounts with a radio button, and keeps data for up to seven years by default! It’s a huge time saver and headache eliminator for many, as getting CloudTrail from all organization accounts to a SIEM can be tedious and time-consuming. But all this comes with a cost.

Last week, a critical vulnerability identified as CVE-2022-0185 was disclosed, affecting Linux kernel versions 5.1 to 5.16.1. The security vulnerability is an integer underflow in the Filesystem Context module that allows a local attacker to run arbitrary code in the context of the kernel, thus leading to privilege escalation, container environment escape, or denial of service.

The security stack is a crucial part of any company’s IT infrastructure. However, Security teams increasingly report that traditional SIEM solution approaches are “costly, complex, and resource-consuming,” according to a recent ESG survey. Fortunately, there has been significant innovation in how firms approach cybersecurity with new cloud-native technologies stack and breaking free from vendor lock-in and giving themselves more flexibility, cost advantage, and future-proofing.

With the recent release of build.cfengine.com and cfbs I have been thinking about the process of converting a traditionally manged policy set. I consider a traditionally manged policy set one where you have a repo with the root of masterfiles being the root of the repository, or even having no repository at all and managing masterfiles by editing directly in the distribution point (e.g. /var/cfengine/masterfiles).