Operations | Monitoring | ITSM | DevOps | Cloud

Security

The latest News and Information on CyberSecurity for Applications, Services and Infrastructure, and related technologies.

Run confidently with secure DevOps

The rapid pace of digital transformation is accelerating the shift to cloud-native applications using containers and Kubernetes to speed the pace of delivery. But application delivery is one thing. Application uptime performance and protection are another. For cloud teams already running production one fact is clear, monitoring and troubleshooting are only the beginning. They also need to own security and compliance for their apps. In cloud-native DevOps is not enough. It's time for secure DevOps.

Taking Automation Beyond the SOC With Advanced Network Access Control

Security orchestration, automation and response (SOAR) tools are most commonly known for automating manual security operations processes in order to expedite security investigations or cyber response. For instance, Splunk’s SOAR technology, Splunk Phantom, is most commonly used to automate alert triage, phishing investigation and response, threat hunting and vulnerability management.

Web Access Control Redefined

One of the focuses of version 2.9 of Icinga Web 2 will be on access control. For years on now, Icinga Web 2 had a very simple role based access control (RBAC) implementation. This suited most of our users fine. However, there were still some requests to enhance this further. The next major update of Icinga Web 2 (Version 2.9) and Icinga DB Web will allow users to configure exactly this.

Shifting Security Left: Tools and Best Practices

Software development pipelines typically cycle through key four processes—design, development, testing and software or update releases. Traditional pipelines perform quality and security tests only after completing the development phase. Since there is no such thing as a perfect code, there are always issues to fix. However, if significant architectural changes are needed, fixing them at the end of the process can be highly expensive.

Threat Hunting with Threat Intelligence

With more people working from home, the threat landscape continues to change. Things change daily, and cybersecurity staff needs to change with them to protect information. Threat hunting techniques for an evolving landscape need to tie risk together with log data. Within your environment, there are a few things that you can do to prepare for effective threat hunting. Although none of these is a silver bullet, they can get you better prepared to investigate an alert.

What's the Most Powerful Tool in Your Security Arsenal?

Trying to work out the best security tool is a little like trying to choose a golf club three shots ahead – you don’t know what will help you get to the green until you’re in the rough. Traditionally, when people think about security tools, firewalls, IAM and permissions, encryption, and certificates come to mind. These tools all have one thing in common – they’re static.

How Calico Cloud's runtime defense mitigates Kubernetes MITM vulnerability CVE-2020-8554

Since the release of CVE-2020-8554 on GitHub this past December, the vulnerability has received widespread attention from industry media and the cloud security community. This man-in-the-middle (MITM) vulnerability affects Kubernetes pods and underlying hosts, and all Kubernetes versions—including future releases—are vulnerable. Despite this, there is currently no patch for the issue.

Secure Your IT Assets for an Optimal Return

We’ve officially entered everyone’s favorite time of year—tax season. You can find me rifling through the stack of mail and records I’ve been hoarding over the past year, while my husband calmly reviews his neatly archived digital documents. Completing your tax return forces you to review all your fiscal actions from the past year, which can be made easier with secure digital tracking, tagging, and maintenance along the way.