Despite being a large open-source and complex project, Kubernetes keeps on evolving at an impressive pace. Being at the center of various platforms and solutions, the biggest challenge for the Kubernetes project is to remain vendor-neutral. This is the reason the community has come up with Kubernetes Gateway API.

Companies are introducing new apps and services to enable remote work, improve supply chains and handle disruptions caused by the pandemic. Our digital-first world thrives on speed and efficiency, and containers play a huge part in getting applications up and running quickly. Though containers offer many advantages over traditional virtualization, they also introduce significant security risks.

As businesses continue to adopt cloud integration and remote work increases, security teams are facing more visibility challenges as well as an influx of security event data. There is more need to understand the threats than ever before, as the threat surface area increases, and tactics increase. Cyber threats are becoming more sophisticated and occurring more frequently, forcing organizations to rely on quality threat detection to protect their data, employees, and reputation.

Many databases were born over 25 years ago, back in the unadulterated times of LAN parties and IRC. SSL was just for banks and sending unencrypted database traffic accounts was just how you did things. When databases use unencrypted connections, it means someone with access to the network could watch all and inspect all database traffic.

In the first part of this blog post, we setup SSL/TLS for a MySQL database, using the built in self-signed certificates. The main problem using out of the box self-signed certificates is that clients can't verify that they're talking to the right database host, and it's not possible to verify the certificate chain. In this post we'll cover upgrading the client connection to VERIFY_IDENTITY and how to use Machine ID to continuously renew certificates.

Speaking to people on our neighbouring booths at the UK nuclear decommissioning event, it was clear to see the entire industry is drowning in paperwork.

Learn why Synopsys earned the highest score for the Continuous Testing Use Case in Gartner’s latest report. Gartner recently released its 2022 “Critical Capabilities for Application Security Testing” (AST) report, and I am delighted to see that Synopsys received the highest score across each of the five Use Cases.

This post is applicable to Business plan and Enterprise plan customers. Adopting a new platform can seem intimidating, but with Snyk it doesn’t have to be. We have three tips to help you roll out Snyk, and have a seamless and successful first 30 days across your business or enterprise. Before you start inviting team members and importing projects, you’ll want to consider your account strategy, set up single sign-on (SSO), and configure your first organization.

Transport Layer Security is a security protocol used for facilitating seamless and safe communication between servers and web browsers. Put it his way, TLS encrypts data so that only the intended recipient and the sender can access it. Currently, TLS 1.2 and TLS 1.3 are the most commonly used TLS versions. After some major upgrades, TLS’s 1.3 version has emerged as one of the most extensively used and the safest security protocols for websites that need a high-end encryption service.

Everyone loves buzz words, no? Red team is the newest (well... not that new) coolest thing on the streets of information security city and many cybersecurity pros want to jump right in and become involved in Red team activities at their company. However, there is more to being a Red team member than just signing up.