Before the world transitioned to digital-first onboarding due to cellphones, high-speed internet, and a pandemic; Banks, financial institutions, and other organisations could verify identities by physically comparing a person’s face to a photo ID. Of course, one could hardly just accept the certification at face value—no pun intended.

You’ll probably agree that there are barely any organizations left that don’t use some form of cloud computing in their daily operations. In fact, the cloud computing market is booming, with various sources expecting a worth of upwards of $600 billion within the next two years. And it makes sense: Cloud computing is the cheaper, scalable, easier-to-manage young cousin of yesteryear’s private server.

As cyberattacks continue to grow relentlessly, enterprises have to continue improving their cyber defenses to stay one step ahead of the adversaries. One area that CISOs have recently started paying more attention is identity threat protection. This is not surprising considering 80% of modern attacks are identity-driven leveraging stolen credentials. In fact, identity threat detection and response is highlighted as one of the top trends in cybersecurity in 2022 by Gartner.

Exactly one year ago, ARMO released Kubescape to the market with a vision to make Kubernetes security open source, simple, and available for everyone.

Security is a journey, not a destination. Every organization — no matter their size or age — should be constantly working to level up their cybersecurity. It’s the kind of process that can be continually reworked, reevaluated, and honed as organizations grow and evolve, and as the cyber threat landscape changes. The question, of course, is where to start?

Threat intelligence has become a significant input to the overall ecosystem that organizations leverage in their security footprint. Managing that data and the contextualization required to develop useful information can be daunting for fledgling and established organizations. I will discuss ways to automate some of the repetitive tasks and fuel other areas of the security organization to help them better achieve their mission sets.

AWS Security Groups (and Network ACLs and VPCs) are some of the fundamental building blocks of security in your cloud environment. They are similar to firewalls but are not the same thing. You have to understand this topic very well before you begin building in the cloud, because there are some subtle differences in how they are used, and you need to follow best practices. You should know your public cloud provider is contractually bound to honor its side of a shared responsibility model.

Knowing the credentials for any user account in your network gives an adversary significant power. After logging on as a legitimate user, they can move laterally to other systems and escalate their privileges to deploy ransomware, steal critical data, disrupt vital operations and more. Most organizations know this, and take steps to protect user credentials.

Snyk provides plugins or extensions for Visual Studio Code, Jetbrains IDEs like IntelliJ, WebStorm, PHPStorm, GoLand, and Visual Studio. But have you ever wanted to integrate Snyk in your daily work when your favorite editor or IDE is Vim, Emacs, Sublime, or Eclipse? This is going to be possible soon, as we’ve published our Eclipse plugin, including the new Snyk Language Server Protocol.

Whether you’re migrating to the cloud via lift-and-shift deployments, or re-architecting to a cloud-native architecture, the migration itself and adopting a microservices architecture is no easy feat. To accelerate their cloud-native journey, many organizations opt for a managed Kubernetes service, as the skill and resources required to run a container orchestration system at scale are demanding.