The latest News and Information on CyberSecurity for Applications, Services and Infrastructure, and related technologies.
Regulating access to resources is a fundamental measure for enterprises to ensure the security and reliability of a system. The last thing you need is a stolen or weak password to give up the keys to the proverbial kingdom. With role-based access control (RBAC), this risk is mitigated by providing only the necessary access so a user in your organization doesn't have more access than needed.
cf-runagent is a component for triggering remote agent runs using the CFEngine network protocol. It does not allow for arbitrary commands to be executed, but rather asks the remote host to run the policy it already has. To trigger cf-runagent from other systems or web interfaces, you want to be able to run it as non-root.
In a hyper-connected world, the threat landscape is undoubtedly evolving. Ensuring the security of your enterprise networks on a daily basis is essential to protect your business, no matter how big (or small) it is. According to SophosLabs’ 2019 threat report, one dangerous ransomware called SamSam cost companies $6.5 million ($10K to $50K per ransom).
Today we’re announcing version 2.0 of the Sysdig Cloud-Native Visibility + Security platform. It provides a more powerful and significantly simpler way for enterprises to see the health, risk, and performance of their cloud-native environments in a single unified view.
AWS is the most popular cloud platform for enterprises, and with good reason. Amazon has massive infrastructure around the world, and many years of experience with it. Whether your network is completely on the cloud or you have a hybrid network, using AWS saves your business a lot of money and physical space. You benefit from Amazon’s tremendous economies of scale, and a lot of the tedious work involved in maintaining a network can be delegated to them.
Scenario Linux has a number of built-in tools, commands and files which can track and store information about every user activity. These tools are common in most Linux distributions and can be used to investigate suspicious logins or failed login attempts into the system. In this article, we will talk about some of the initial methods to identify possible security breaches. We will use an Amazon EC2 instance to show these commands.
New technologies often require changes in security practices. What is remarkable about containers and Kubernetes, is that they also provide the potential for enhancing and improve existing security practices. In this post, I will share a model that we use at Nirmata to help customers understand security concerns and plan Kubernetes implementations that are secure.
