Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Blog

Announcing the Sysdig Cloud-Native Visibility + Security Platform 2.0

Today we’re announcing version 2.0 of the Sysdig Cloud-Native Visibility + Security platform. It provides a more powerful and significantly simpler way for enterprises to see the health, risk, and performance of their cloud-native environments in a single unified view.

What is AWS GuardDuty

AWS is the most popular cloud platform for enterprises, and with good reason. Amazon has massive infrastructure around the world, and many years of experience with it. Whether your network is completely on the cloud or you have a hybrid network, using AWS saves your business a lot of money and physical space. You benefit from Amazon’s tremendous economies of scale, and a lot of the tedious work involved in maintaining a network can be delegated to them.

Understanding "container security"

Do you docker? Without a doubt, containers are one of the hottest concepts in application delivery and security these days. And that’s a very good thing. Containers have tremendous advantages over the way we have done things in the past. But how should containers influence a threat detection and response strategy? Do I need a larger “container security” strategy to get started deploying my apps using container architectures?

Weekly Cyber Security News 05/04/2019

A selection of this week’s more interesting vulnerability disclosures and cyber security news. It’s been a while since we had reports of a Node.Js module repo tainting, this time though, it appears that its Ruby’s turn to suffer along with Google scoring an own goal. Trust in the code library supply chain shows once again that mistakes can have a wide ranging impact. I don’t have any solutions. Does anyone?

What Your Kubernetes Security Checklist Might Be Missing

New technologies often require changes in security practices. What is remarkable about containers and Kubernetes, is that they also provide the potential for enhancing and improve existing security practices. In this post, I will share a model that we use at Nirmata to help customers understand security concerns and plan Kubernetes implementations that are secure.

Detectify security updates for 4 April

For continuous coverage, we push out major Detectify security updates every two weeks, keeping our tool up-to-date with new findings, features and improvements sourced from our security researchers and Crowdsource ethical hacker community. Due to confidentially agreements, we cannot publicize all security update releases here but they are immediately added to our scanner and available to all users. This post highlights a few things that we have improved in the last two weeks.

Vulnerability Management: Myths, Misconceptions and Mitigating Risk

Vulnerability Management is a much-talked-about practice in the IT security industry. Whether it is the debate on vulnerability scoring, how to implement a suitable vulnerability management program based on your own resources or even trying to convince leadership a vulnerability management solution alone won’t solve all your cybersecurity issues, the debate is still strong.

Why Should You Investigate Security Threats?

Cyber space is continuously evolving and so are the attack techniques employed by the attackers to harm a business, whether financial or reputational. With the increased malicious activities on the internet, cyber security is not a 9-to-5 job anymore. It requires continuous security monitoring of your organization’s technical infrastructure so that even if a security incident occurs, it is contained immediately and mitigated without causing large-scale damage to the organization.