Companies are leveraging the power of Kubernetes to accelerate the delivery of resilient and scalable applications to meet the pace of business. These applications are highly dynamic, making it operationally challenging to securely connect to databases or other resources protected behind firewalls.

In this article, you will learn how to add inline image scanning to a Google Cloud Build pipeline using the Sysdig Secure DevOps platform. We will show you how to create a basic workflow to build your container image, scan the image, and push it to a registry. We will also customize scanning policies to stop the build if a high-risk vulnerability is detected.

One of the biggest roadblocks for getting anyone to listen to what you want them to do is trust, or more accurately, a lack of trust. You could say we’re facing an unprecedented trust deficit in every aspect of life due to the COVID-19 pandemic. Who can we trust to tell us what to do? And can we trust them to do the right thing? This lack of trust can even make us question the motives of those whom we may have trusted in the past.

We are in the midst of an unprecedented convergence of events that are forcing enterprises to dramatically change how they secure their modern businesses. With the acceleration of digital transformation from COVID-19, work-from-home initiatives, the continued growth of SaaS and the increasing adoption of microservices-based applications, the modern enterprise threat landscaping is transforming rapidly.

Working together successfully as a team — especially in this increasingly remote world — is all about collaboration. As part of that collaboration, it’s critical that team members have access to the files and programs they need to accomplish their jobs, and that access should be easily revocable for when employees change roles or leave the company. This is achieved through access control, which, simply put, defines who is allowed to access what.

Let’s talk visibility for a moment. Security visibility is a data-at-scale problem. Searching, analyzing, and processing across all your relevant data at speed is critical to the success of your team’s ability to stop threats at scale. Elastic Security can help you drive holistic visibility for your security team, and operationalize that visibility to solve SIEM use cases, strengthen your threat hunting practice with machine learning and automated detection, and more.

As companies responded to the COVID-19 pandemic with remote work, cybercriminals increased their social engineering and ransomware attack methodologies. Ransomware, malicious code that automatically downloads to a user’s device and locks it from further use, has been rampant since the beginning of March 2020. According to a 2020 report by Bitdefender, ransomware attacks increased by seven times when compared year-over-year to 2019.

While working with customers over the years, I've noticed a pattern with questions they have around operationalizing machine learning: “How can I use Machine Learning (ML) for threat detection with my data?”, “What are the best practices around model re-training and updates?”, and “Am I going to need to hire a data scientist to support this workflow in my security operations center (SOC)?” Well, we are excited to announce that the SplunkWorks team launched a new add-

Microsoft Active Directory (AD) is the nerve center enabling your federal agency to access the systems and applications staff members need to do their jobs. AD is also a high-risk target for inside and outside threats and can be a gateway for other potential security vulnerabilities. The key to protecting your agency’s AD is to have the right processes in place to maintain its integrity, know whether something is happening that shouldn’t be, and demonstrate compliance if required.

Big data security is a term used for all collective measures taken to protect both data and analytical processes from theft, attacks or all other malicious activities. Just like other forms of cybersecurity, big data security is about attacks originating from every online or offline sphere. Companies operating on the cloud face multiple challenges including online information theft, DDoS attacks and ransomware.