IBM Cloud has made a massive shift to Kubernetes. From an initial plan for a hosted Kubernetes public cloud offering it has snowballed to tens of thousands of production Kubernetes clusters running across more than 60 data centers around the globe, hosting 90% of the PaaS and SaaS services offered by IBM Cloud. I spoke with Dan Berg, IBM Distinguished Engineer, to find out more about their journey, what triggered such a significant shift, and what they learned along the way.

Today we are happy to announce the general availability of CFEngine 3.15.0 beta. CFEngine 3.15 is our upcoming LTS (Long Term Support) release. The main focus of this release has been the new Federated Reporting feature. It also contains a lot of performance work and stability improvements.

Kubernetes 1.16 is almost here and it’s packed with cool new features, like ephemeral containers for easy pod debugging, support for dual-stack network in pods, many new options for the scheduler… And we are just getting started! Here is the list of what’s new in Kubernetes 1.16.

Secrets, i.e. passwords, API keys, certificates, and any other type of credential used for digital authentication, have exploded in number and type. Even small-sized organizations might have thousands of SSH keys for example. Secrets are also a common security weakness often exploited by attackers.

When learning a new technology like Istio, it’s always a good idea to take a look at sample apps. Istio repo has a few sample apps but they fall short in various ways. BookInfo is covered in the docs and it is a good first step. However, it is too verbose with too many services for me and the docs seem to focus on managing the BookInfo app, rather than building it from ground up. There’s a smaller helloworld sample but it’s more about autoscaling than anything else.

Security experts from Google have discovered a new spyware in 24 Play Store apps that, combined, have more than 472,000 downloads. Researchers have stated that this spyware also has the capabilities of normal malware and appears to have infected certain apps in Google Play with more than 100,000 installations. Cybercriminals are deploying this spyware through the advertisement framework in those compromised apps.

In computing, an audit log is a record of an event. An event is any significant action that impacts the hardware or software of a computer – anything from a mouse click to a program error. Besides documenting which resources were accessed and what for, an audit file system will also include the source and destination addresses, the timestamp, and the user ID information.

The rate of cyberattacks is alarming. The number keeps increasing every year. According to the FBI’s 2019 Internet Crime Report, in 2018, cybercrime leads to a $2.7 billion loss. This means that you have to up your game when it comes to protecting your website content. You can prevent cyber attacks by controlling any form of data that comes from users.

In this four-part series, Combating threats with UEBA, we explore hypothetical cyberattacks inspired by real-life events in four different industries: healthcare, finance, manufacturing, and education. We’ll take a look at unforeseen security attack scenarios, and discover how user and entity behavior analytics (UEBA) can be leveraged to safeguard organizations.