Container security is not a unitary action but a multifaceted process. It involves securing the build environment using secure code control and other strategies. The procedure also necessitates securing containers’ contents via code analysis and unit tests.
It’s been a busy summer at AlienVault! Amid some major company announcements, we continue to evolve USM Anywhere and USM Central with new features and capabilities that help you to defend against the latest threats and to streamline your security operations. You can keep up with our regular product releases by reading the release notes in the AlienVault Product Forum. Here are a few of the highlights from our July and August 2018 releases.
It is a well-known fact that legacy equipment shall continue to play a crucial role in the continuity and stability of critical infrastructure, especially in industrial control systems. A recent Center for Digital Government survey found that 70% of respondent agencies depend on legacy infrastructure for their operations.
Back in the good old days, we used to have to order physical servers to run our applications. When servers became too expensive, we found efficiency in virtualization. Why have one box running one server when I could have 10 or more on a single box? Who would have thought I could simply push a button and have a server ready in minutes as opposed to weeks?
Recently, when discussing Chrome’s current push to get everyone onto HTTPS, we touched upon the TLS handshake, mentioning that the latest version of TLS was version 1.2. Since then, TLS version 1.3 has been made available for use, successfully dating our literature that was previously held with such high esteem. Of course, TLS v1.3 still has to be adopted and implemented by the Internet in general, so for the most part 1.2 will still be the most prominently used version for a while yet.
A selection of this week’s more interesting vulnerability disclosures and cyber security news. We all know its great adding cool features to stuff, but what’s not great if its not thought through well enough so as to be a potential issue down the line. Looks like we have a bad idea which in retrospect is potentially out to get us…
During a penetration testing engagement, it’s quite common to have antivirus software applications installed in a client’s computer. This makes it quite challenging for the penetration tester to run common tools while giving the clients a perception that their systems are safe, but that’s not always the case. Antivirus software applications do help in protecting systems but there are still cases where these defenses can be bypassed.
At Egnyte, we love building new ways to help our customers use and deploy integrations within their organization. But as an organization grows, they might need more flexibility and control over which employees use which integration.
A Data Protection Officer (DPO) is a lot like a little angel on your shoulders, except instead of a little harp, they have a complete understanding of GDPR and other data protection laws. Their job is to make sure you don’t listen to the devil on your other shoulder encouraging you to do all sorts of non-compliant things, like process data unlawfully or without permission.
A selection of this week’s more interesting vulnerability disclosures and cyber security news. Been a strange week, always is, but this time some really dumb self inflicted breaches and own goals that defy belief. What I will focus on this week is the future, the dark looming cloud that is brewing from badly thought-out out approaches to dealing with an age old problem.
