Security has always been a wide and complex topic. A recent survey from StackRox about the state of containers and Kubernetes security provides some interesting data on these topics. In this blog post, I’ll dive into some of the findings in that survey and introduce you to Kubewarden, an open source policy engine. A staggering 66 percent of the survey participants do not feel confident enough in the security measures they have in place.

The marketplace for mobile apps is a broad and highly competitive one. There are millions of apps available on Apple’s App store, Google Play, and within private enterprise app stores. Expanding market demands continue to drive the pressure to innovate. New iOS and Android updates and mobile device releases, along with myriad apps from companies vying for their customer’s attention, are creating shorter app release cycles.

I’ve been updating some of our security documentation explaining what we do to ensure our product is suitable for the security models in regulated industries, such as finance and healthcare. Talking to our security guys, I was flabbergasted to find out that there are monitoring products out there that go against what is not only an industry best practice but also the right thing to do: agents that open and listen on fixed TCP ports!

Anybody who’s looked for answers on the Internet has likely stumbled across a “TOP X LISTS”: The “10 things famous people do every day”, “Top 10 stocks to by”, the “20 books you have to read” are just some examples of the myriad of lists that are out there offering answers. You may have even stumbled upon a few “Top 10 (or 12) Events To Monitor” articles too.

Kubernetes capacity planning is one of the main challenges that infrastructure engineers have to face, as understanding Kubernetes limits and requests is not an easy thing. You might be reserving way more resources than you need to ensure your containers don’t run out of memory, or are CPU throttled. If you are in this situation, you’re going to be charged for those resources even if they aren’t being used, and it will also make deployments more difficult to schedule.

Ivanti Federal CTO, Bill Harrod, shares his take on the recent cybersecurity Executive Order issued by President Biden.

If you have been following the news or trying to buy gas in Atlanta, you probably have already heard about the ransomware attack on one of the most important strategic pipelines in the US. 2020 saw ransomware attacks skyrocket and now 2021 seems to be following the trend. The current situation begs us to rethink how we think about our security practices and mindset. One area of security that you may have heard about is Zero Trust (ZT).

With the surge of endpoints and growing demands for access to data, public sector organizations have seen an increase in security threats since the onset of the pandemic. Against this backdrop, Elastic gathered industry leaders to learn how to manage these challenges and demands and build a path toward the future. The recent State and Local Government & Education ElasticON Public Sector event showcased the tech solutions that are delivering for constituents, faster.

Today I’m happy to share more about our partnership with Swimlane, which further reinforces our commitment to empowering security teams everywhere. Today’s security teams rely on the power of Elastic’s high-speed, cloud-scale analytics to solve their most complex and pressing security issues. Swimlane’s security automation platform provides a way for these same teams to accelerate and optimize their workflows for max efficiency and to solve SOAR use cases.

Properly analyzing the massive amounts of data created by network access and the associated security tools has become a very tedious chore. Today’s cybersecurity professionals are seeking ways to better deal with the massive influx of information so that they can make intelligent choices when it comes to the cybersecurity posture of their networks. Selecting the proper tools is an important task which merits investigation.