In recognition of National Cybersecurity Awareness Month, we’ve outlined some open source dependency best practices to help organizations manage their open source.

Authentication and authorization are two complementary and critical parts of securing cloud-native applications and infrastructure. Yet, there can be some confusion between these terms. The importance of cybersecurity approaches, such as Zero Trust and the principle of least privilege, make it critical to understand and implement appropriate authorization and authentication processes across cloud-native development.

As organizations expand their cloud-native initiatives and increase their use of containers and Kubernetes in production, they face challenges regarding container security, monitoring, data management and networking. To meet this growing need, we’re pleased to announce our certification of Red Hat OpenShift through the CrowdStrike Falcon® platform — giving joint customers comprehensive breach protection for OpenShift nodes, workloads and containers.

The government of a U.S. county announced on September 11 that a recent cyber incident had disrupted its online services. Subsequent coverage of the event has noted that it strongly resembles a ransomware attack. The disruption comes against a backdrop of frequent ransomware activity targeting state and local governments and the education sector.

Love them or hate them, passwords are often the only thing standing between attackers and your sensitive personal and financial information. Despite their importance, less than 50% of people feel very confident that their passwords are secure from compromise, according to a 2021 Security.org survey of password habits. There’s probably a good reason many are worried about their passwords.

Today, we are delighted to announce that Nightfall has launched the first and only DLP solution for Asana. As part of this launch, Nightfall has joined the Asana Partner program as an official Technology Partner. Nightfall’s solution for Asana builds comprehensive data protection into the Asana app.

Hello, I love to look behind the scenes of SecOps teams to learn how they operate. Recently I had the pleasure to work with John Eccleshare, Head of Compliance and Information Security, at bet365 as John took the stage at Gartner Security and Risk Summit in London.

Splunk introduced Federated Search in July 2021 to much fanfare. We won’t go into too much detail about how it works because there is already a great writeup in a previous blog along with Splunk Federated Search documentation.

If you work in IT or DevOps, unless you’ve been living on a remote island without Internet access, you’ve likely heard of Datadog, a popular platform for monitoring cloud applications. Datadog collects and interprets data from various IT resources. The resulting insights assist in managing performance and reliability challenges to deliver a better end-user experience.

Let's first take a look at what DevOps (Developer Operations) is so we can better understand why it has now evolved into DevSecOps (Developer Security Operations). DevOps is a combination of philosophies, practices, and tools that increases a business's ability to deliver better development in less time (Higher velocity). This can be applied to building a new product or the process of continuous improvement that applies to most products we see today.