the k8s-security-configwatch GitHub Action, an open source tool from Sysdig, secures your GitOps workloads by detecting changes on your Kubernetes security configuration.

A network security assessment is an audit designed to find security vulnerabilities that are at risk of being exploited, could cause harm to business operations or could expose sensitive information.

The most recent National Institute of Standards and Technology (NIST) guidelines have been updated for passwords in section 800-63B. The document no longer recommends combinations of capital letters, lower case letters, numbers and special characters. Yet most companies and systems still mandate these complexity requirements for passwords. What gives?

In an ever-evolving security world, we to need to secure more with even fewer resources. While the cybersecurity skills gap increases, leaving “350,000 U.S. cybersecurity jobs unfilled yearly,” it is vital to work together to protect our environments and educate others. Creating a customer community can do just that.

GraphQL is a query language for APIs and a set of tools that enable sending and processing queries. While originally developed at Facebook, it has since grown beyond the social network's specific use case. Essentially, the client describes the type of data they want, and the server delivers only that data. At Bearer, we use GraphQL internally to drive our dashboard.

System and Organization Controls for Service Organizations 2 (SOC 2) compliance isn’t mandatory. No industry requires a SOC 2 report. Nor is SOC 2 compliance law or regulation. But your service organization ought to consider investing in the technical audit required for a SOC 2 report. Not only do many companies expect SOC 2 compliance from their service providers, but having a SOC 2 report attesting to compliance confers added benefits, as well.

Thinking about launching a new website? You’ll want a domain to go with that, as well as a brand spanking new email address. But here’s the thing: Before all the fun and excitement of creating a new website can begin, you first have to decide whether or not you want to host your domain, email, and website together with the same provider, or whether you want to keep them all separate.

From maintaining electronic health records and generating medical reports, to carrying out robot-assisted surgeries and setting up online doctor-patient communication portals, the healthcare industry is becoming increasingly reliant on technology to effectively carry out day-to-day operations. While incorporating advanced technology assists healthcare professionals in providing better care for patients, it also increases the attack surface for cybercriminals looking to exploit sensitive data.

Today, we are excited to announce the release of Gravity 7.0! Gravity is a tool for developers to package multiple Kubernetes applications into an easily distributable .tar file called a “cluster image”. A cluster image contains everything an application needs and it can be used for quickly creating Kubernetes clusters pre-loaded with applications from scratch or loading applications contained within an image into an existing Kubernetes cluster like OpenShift or GKE.

Regulatory compliance monitoring is a key component of any cybersecurity program. But it's becoming increasingly difficult to ensure you are meeting your regulatory requirements. Driven by an increasing web of complex extraterritorial laws, industry-specific regulations, and general data protection laws. This is not a valid excuse for non-compliance. Regulators and lawmakers will impose significant fines on organizations that aren't able to align their cybersecurity and compliance programs.