Back in 2002 when I was a (very) junior programmer at a German enterprise software company I was lucky enough to be part of a small team that was building what you would now call a SaaS app. Up until now, the company had made all their profits by selling desktop software written in a language most people likely have never heard of: FoxPro. But instead of spending my days debugging FoxPro code, I was now green fielding JAVA web services.

When an organization is ready to deploy a new solution, or build a new system, there is often a continuing discussion about the relative merits of using the cloud versus deploying on-premises. While there are a number of aspects that play into this decision, it is not always clear which is the better solution for security and compliance. Typically, deployment issues are not clear because security and compliance solutions quickly change when you are using shared vs. dedicated environments.

Cloud networks are popular targets for cybercriminals and organizations will inevitably face them. If you’ve ever administered a network of any type, you know that DDoS (distributed denial of service) attack attempts are really frequent, and there’s loads of malware out there too.

It seems like hardly a week goes by without news of a security breach. Cyberattacks are becoming more frequent and more severe, costing businesses $600 billion per year according to the 2018 Economic Impact of Cybercrime report. Without a strong security policy in place, businesses risk falling victim to new threats while losing the trust of their customers.

In September 2017, the National Institute of Standards and Technology (NIST) released Special Publication (SP) 800-190, Application Container Security Guide. NIST SP 800-190 explains the security concerns associated with container technologies and recommendations for the image details and container runtime security. It provides prescriptive details for various sections including image, registry, orchestrator, container and host OS countermeasures.

As with any other operating system, security is a prime concern with Linux network hardware. In this article, we’ll be giving some recommendations on how to toughen the security posture of your Linux servers. Screenshots and example syntax relate to systems running Kali Linux, CentOS, RHEL, Ubuntu, and Debian-based Linux distributions.