Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Latest News

Vulnerability, Threats, Exploits and their relationship with risk

When protecting an organisation against cyber attacks, the words security threats, vulnerabilities, risk exposure, and sometimes exploits are seen very commonly. Unfortunately, these terms are not used correctly or interchangeably and are often left undefined.

How Big is Your Attack Surface? - The So What About Third Party Vendors

Your organization’s attack surface can be a tricky thing to monitor. In our connected world, it seems like your attack surface is always expanding. That’s probably true. Attack surface expansion has exploded, driven by cloud adoption, the use of SaaS (software as a service) tools, and the fact that so many organizations have come to rely on third-party vendors.

Building Docker images in Kubernetes

Hosting a CI/CD platform on Kubernetes is becoming more common among engineers. This approach saves time through automation, ensures consistent deployments, and makes it easier to monitor and manage microservices. However, building container images in Kubernetes clusters involves some technical hurdles that require workarounds. In this article, we’ll explore some ways to build Docker images in a Kubernetes cluster for CI/CD processes.

KubeCon EU 2022. Why you need Teleport in your Kubernetes Infrastructure

Every Kubernetes developer’s favorite time of year is just around the corner, Kubecon EU 2022! Whether you’re attending in person in beautiful Valencia, Spain, or watching the conference from your couch at home, here are a few reasons why — if you operate any Kubernetes infrastructure — you need Teleport.

Small Talk: the small business recovery journey

It’s a tough time for small business owners and their employees. Surging operational costs and supply chain issues are colliding with a rate of inflation that’s limiting how much consumers are willing and able to spend. And as the pandemic continues, there could be more legal and economic hurdles on the way. Startups and other small businesses are fighting to keep their doors open, or to open them in the first place.

Compliance does not equal security: 7 cybersecurity experts share their insights

It is often stated that security is hard. Whether it is the people, processes, and technology, or any combination of the three, security is a never ending challenge. Conversely, compliance is the opposite. Compliance is relatively straightforward. For too long, and for too many organisations, meeting a compliance standard was seen as a satisfactory way to boast of security. The competing ideologies of security versus compliance have long vexed even the most optimistic cybersecurity professional.

Log4Shell, Splunkbase, and You: A Message From Your Friendly Neighborhood Cybersecurity Engineer

Call me David. As you might have heard, Log4Shell, “the single biggest, most critical vulnerability ever”1 was recently disclosed to the public. You may even have seen us make mention of it here, here, here, or even maybe here. Splunkbase was impacted by way of apps both made by Splunk and third-party developers.

CMMC 2.0 Certification Costs

With the release of CMMC 2.0, and the significant changes that come with it, we have to update our cost expectations. This post covers whether CMMC is appropriate for your business, provides a cost breakdown of the 3 major effort areas, offers a rough estimate of the costs of CMMC compliance, and answers the question of whether an expert can save you time and resources.

Official Close of TA Investment Sparks Next Step of Veracode Journey

Recently I shared with you our excitement about our agreement with TA Associates (TA) to make a significant growth investment in Veracode. I am pleased to share that the deal is now closed, opening up a tremendous new chapter in Veracode’s journey.