Container use continues to grow, and Kubernetes is the most widely adopted container orchestration system, managing nearly half of all container deployments.1 Successful integration of container services within the enterprise depends heavily on access to external resources such as databases, cloud services, third-party application programming interfaces (APIs), and other applications. All this egress activity must be controlled for security and compliance reasons.

Using Node.js on the web generally involves a server framework, like Express, Hapi, or Koa. These make working with the underlying HTTP support easier. Sometimes you need the full power of a framework, but in other cases that can be overkill. In this article, we'll ignore the benefits of a framework and look at the underlying features of Node's HTTP module and how you can use it to create a web server. In future articles, we'll examine other features of the HTTP module.

Building an in-house SOC represents a significant commitment, both financially and strategically, to securing your enterprise. In a report from the Ponemon Institute—based on a survey sponsored by Devo of more than 500 IT and security practitioners—67 percent of respondents said their SOC was “very important” or “essential” to their organization’s overall cybersecurity strategy.

As the Coronavirus (COVID-19) reality hits home, retail banks and credit unions all over the globe have been quick to respond to customer and employee safety concerns. In Canada last week, we witnessed the Big Six – Bank of Montreal, CIBC, National Bank of Canada, RBC, Scotiabank and TD – temporarily closing branches and encouraging customers to shift their interactions to ATMs, online and mobile banking channels.

Last month, we hosted a webinar, Hunting for persistence using Elastic Security, where we examined some techniques that attackers use in the wild to maintain presence in their victim’s environment. In this two-part blog series, we’ll share the details of what was covered during our webinar with the goal of helping security practitioners improve their visibility of these offensive persistence techniques and help to undermine the efficacy of these attacks against their organization.

There are a lot of security ratings providers now, and choosing the right one can be overwhelming. That's why we wrote this post to make it as easy as possible to help you compare RiskRecon and UpGuard. Regardless of whether you're a CISO, Vice President of Security or an individual contributor, it's safe to say you understand how important cybersecurity risk management is.

We’re all working together to help slow the spread of COVID-19 through new policies and guidelines such as working remotely and socially distancing ourselves from others. Working remotely can be challenging. I can offer some advice about working remotely, as I have worked both remotely and in a travel capacity for over 10 years, and I really love working that way. Here are a few things I regularly do to ensure success while still managing a work-life balance.

Risk management has become a veritable alphabet soup. The advent of the digital age is partly to blame. Virtually every organization is “going digital,” in a growing number of areas. Retail is now “e-tail”; manufacturing plants are increasingly automated; nearly every step of the hiring and contracting process happens online, from the application process to background checks to payroll and beyond.

Whether you are reading this from somewhere in the United States or overseas, chances are you are doing it from the comfort of your home. Not because you chose to but because you were asked to do so in order to prevent Coronavirus disease 2019 (COVID-19) from spreading any further. If you are a parent, working remotely with your kids at home, you are probably facing additional challenges.

Like many of my peers, my role as a Chief Security Officer (CSO) has dramatically changed as we work to understand and adapt to COVID-19. It’s hard to believe that just a few weeks ago, my mind was focused on things such as FedRamp and the California Privacy Act (CCPA), now the majority of my time is focused on ensuring our employees safety and productivity, so they can continue to deliver products and support our customers and partners.