As organizations increase their cloud footprints, it becomes more and more important to implement access control monitoring for as many resources as possible. In previous playbooks, we have shown examples of AWS and Azure account monitoring, but the series would not be complete without also supporting Google Cloud Platform (GCP).
Businesses need to act now to survey their supply chain, developing the capacity to anticipate and respond to supply chain risks, minimizing the impact and optimizing opportunity. In March, the world witnessed a curious scene. A container ship longer than the Empire State Building became lodged in Egypt’s Suez Canal, creating an incredible spectacle as heavy construction equipment and a fleet of tug boats tried to dislodge the vessel from the canal walls.
It’s the stuff of IT managers’ nightmares and it is coming to a server near you: ransomware attacks, phishing schemes, privacy breaches, and other yet-to-be imagined cyber threats aiming to pilfer the sensitive data stored on your IT systems. Cybercriminals target large companies like Microsoft, Equifax, Expedia, and Barnes & Noble just to mention a few big victims from 2020.
The recent ransomware attack on Colonial Pipeline is reportedly one of the most significant cyberattacks on the energy sector till date, and it has overwhelmed cybersecurity experts across the globe.
Today, more organizations than ever use Open Policy Agent (OPA) as the de facto standard for policy enforcement across the cloud native stack. A graduated project from the Cloud Native Computing Foundation (CNCF), OPA has dozens of use cases — from Kubernetes guardrails, to microservices authorization, to infrastructure-as-a-service controls — that are leveraged by millions of users.
We’re excited to share that we have enhanced our partnership with Atlassian. In support of this partnership, today we are releasing full availability of the new integration, which natively embeds Snyk into Bitbucket Cloud for security. The Snyk security integration is free and easy to set up with just a few clicks inside the Bitbucket Cloud product. For the first time, developers can consume information that was previously only available inside Snyk now within Bitbucket Cloud.
Remote workforces accessing applications and data that are located anywhere is the “new normal.” Across the globe, organizations of all sizes are struggling to modernize their infrastructures to accommodate this new reality while accelerating their digital transformation initiatives.
By Jonathan Leitschuh; Daniel Elkabes, Senior Security Researcher at WhiteSource; Ofir Keinan, Software Developer at WhiteSource The latest Maven release 3.8.1 contains a fix to security vulnerability CVE-2021-26291. Detected and reported by security researcher Jonathan Leitschuh, the vulnerability affects over 100,000 libraries in Maven Central, according to the WhiteSource security research and knowledge teams.
The responsibility for compliance with GDPR privacy laws, and the consequences of non-compliance can vary greatly from one organization to another. Often it is not clear who is responsible for data protection – whether or not they are a “data controller” or “data processor” – but here are some guidelines in order to help you determine which category your company falls into so as to best take necessary precautions against breaches or other potential illegalities.
Are you a DigitalOcean vendor or user and developing or deploying a Kubernetes application? You may want to preserve your cluster configuration, backup your persistent volumes to protect them from ransomware, accidental deletion, and long-term retention policies. CloudCasa is the only data protection and disaster recovery solution that has been tested and certified as a 1-Click appliction with DigitalOcean Kubernetes and available in their marketplace.
