Hybrid cloud is an increasingly popular infrastructure option for companies in industries from game development to finance. But what is it, and what are the most effective hybrid cloud security practices for protecting your sensitive and regulated data?
When it comes to security, practitioners have to keep a lot they need to keep top of mind. The Open Systems Interconnection (OSI) model provides the fundamentals needed to organize both technical issues and threats within a networking stack. Although information security is shifting to a cloud-first world, the OSI model still continues to prove its relevance. We’ll cover four key reasons why the OSI model still matters and how you can operationalize it in today’s world.
How many third-party APIs is your application consuming? All modern FinTech companies rely on external APIs to run their business. Take Robinhood for instance: the famous investment application is using the Plaid API to connect to its users’ bank accounts, the Xignite API to get financial data, and the Galileo API to process payments. That is only the beginning. The essential parts of their service could not run without consuming third-party APIs.
Knowing what could hurt you can help you. That’s the point of the nonprofit MITRE’s 2020 Common Weakness Enumeration (CWE) Top 25 Most Dangerous Software Errors (CWE Top 25) list, released a few weeks ago.
Shady deals often occur in darkness – criminal activities require secrecy to cloak their illicit nature. Today, you can find those dark places on the fringes of the internet, known as the Dark Web. More often than not, this is the place where cybercriminals go to monetize the data they’ve acquired as the result of a breach.
Discover how Kube-apparmor-manager can help you manage AppArmor profiles on Kubernetes to reduce the attack surface of your cluster. AppArmor is a Linux kernel security module that supplements the standard Linux user and group-based permissions to confine programs to a limited set of resources. AppArmor can be configured for any application to reduce its potential attack surface and provide greater in-depth defense.
On September 14, CVE-2020-14386 was reported as a “high” severity threat. This CVE is a kernel security vulnerability that enables an unprivileged local process to gain root access to the system. CVE-2020-14386 is a result of a bug found in the packet socket facility in the Linux kernel. It allows a bad actor to trigger a memory corruption that can be exploited to hijack data and resources and in the most severe case, completely take over the system.
For most companies, security and IT systems are growing in complexity, breadth of scope, and coverage, which consumes budget and staff time. The rapid breakdown of the traditional perimeter in this “new normal” world increases the challenges IT teams and remote users face on a daily basis.
Theoretical physicist Stephen Hawking was spot on when he said, “Whether you want to uncover the secrets of the universe, or you just want to pursue a career in the 21st century, basic computer programming is an essential skill to learn.” It’s no secret that programming is a thriving career path – especially with the speed of software development picking up, not slowing down.
During the late 1990s, security professionals were using information assurance tools in concert with vulnerability scanners to detect and remove vulnerabilities from the systems for which they are responsible. There’s just one problem – each security vendor has its own database with little to no crossover.
