Phishing happens. It is probably happening as you read this. Right now, some well-defended company is having data under its care exposed. This data may contain sensitive information, such as login credentials, and in many cases, it is only known that an attack of this type has taken place after the fact. Protecting yourself and your employer against phishing attacks relies foremost on critical thinking; however, there are some business processes and technologies that can help.

One of the key Kubernetes security concepts is that workload identity is tied back to information that the orchestrator has. The orchestrator is actually the authoritative entity for what the actual workloads are in the platform. Kubernetes uses labels to select objects and to identify collections of objects that satisfy certain conditions. We, and others in the Kubernetes networking space, often talk about using Kubernetes ‘labels’ as identity bearers.

If you maintain a regular practice of keeping log data, you probably have an established way of observing event logs in real time or you do it by using batch processing. There are two ways you can monitor event logs: manually and automatically. By monitoring event logs, you can gain deeper insight into system metrics, localize process bottlenecks, and detect security vulnerabilities. What are some other advantages of event log monitoring, and how can you get the most out of it?

DNS, the Domain Name Service, is the Internet service that translates IP addresses into hostnames, and visa versa. It enables you to type www.exoprise.com in a browser, or send an email to someone at that domain, and have your request actually go to 35.172.52.247. As a vital part of the Internet infrastructure, DNS attacks can have a serious impact on your online operations, including access to your website and email.

SIEM has been with us for almost two decades now and is seen as a proven approach to dealing with potential threats as well as actual attacks on business critical systems. But today, it is becoming clear that changes in IT infrastructure and deployment practices are giving rise to new challenges that cannot be met by existing SIEM platforms.

It’s a sad but common truth that not all network devices are built with security in mind. Some ship with default credentials like admin / admin, with SNMP set to public, or with operating systems that haven’t been updated in years. As with any other device, it’s important to practice good hygiene when managing network devices. Good hygiene means things like keeping firmware up to date, changing credentials away from the defaults, and refreshing end-of-life hardware and software.

You know the saying: "better safe than sorry." In information technology, that phrase usually refers to backups and disaster recovery — having redundant data and infrastructure in place to help mitigate risk when something inevitably goes wrong.

We’re happy to announce that ManageEngine has been positioned in Gartner’s Magic Quadrant for Security Information and Event Management[i] (SIEM) and its Critical Capabilities for Security Information and Event Management[ii] research report for the third consecutive year.

The increase in ransomware attacks and high-profile data breaches over the last few years has reinforced the importance of data security. It should be noted that WannaCry infected more than 300,000 computers worldwide, encrypting sensitive business data and disrupting productivity for an entire week.

This article analyzes the recent CNCF article, '9 Kubernetes Security Best Practices Everyone Must Follow' and discusses how Rancher, RKE, and RancherOS satisfy these by default. I also discuss the Rancher Hardening Guide, which covers 101 more security changes that will secure your Kubernetes clusters.