Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Containers

Sysdig Stands Alone: GigaOm Names Sysdig a Leader and Outperformer for Cloud Workload Security

If you follow cloud security, you know the market can be challenging to navigate, as security needs are often complex, span multiple teams, and demand new processes to pair with the expanding roster of technologies Fortunately, the market is starting to mature and coalesce around unifying cloud security technologies that bring together visibility across cloud infrastructure, containers, hosts, and identities.

How Financial Services Organizations Can Stay Compliant - Without Sacrificing Security

The stakes couldn’t be higher for financial services organizations. They have to protect customers’ money and privacy, while complying with technical requirements and governmental regulations. Complying with all those requirements poses a major, ongoing challenge for security teams, which are already under pressure to do more with less. Cybercrime continues to grow, with every industry falling victim, at one time or another.

Mastering Kubernetes in on-premises environments

In the era of cloud computing, Kubernetes has emerged as a true cornerstone of cloud-native technologies. It’s an orchestration powerhouse for application containers, automating their deployment, scaling, and operations across multiple clusters. Kubernetes isn’t just a buzzword; it’s a paradigm shift that underpins the scalability and agility of modern software.

Why context matters in Kubernetes security

There are things in the world that are absolute, and there are things that are relative. For example, it is an absolute truth that the middle three Star Wars episodes were better than the prequel three. But if we are talking about security, it is mostly accepted to be relative as it is a well-accepted thesis that there is no absolute security. Every system can eventually be broken. Like in the joke about the two folks who are attacked by a lion.

Fuzzing and Bypassing the AWS WAF

The Sysdig Threat Research Team discovered techniques that allowed the AWS WAF to be bypassed using a specialized DOM event. Web Application Firewalls (WAFs) serve as the first line of defense for your web applications, acting as a filter between your application and incoming web traffic to protect against unauthorized or malicious activity. In this blog post, we will analyze one of the most commonly used Web Application Firewalls, the AWS WAF, and explain ways that allowed it to be bypassed.

Calico Egress Gateway: How to provide a stable public network identity for EKS workloads to securely connect with approved SaaS

Many organizations have adopted IP address allowlisting for their corporate cloud applications as an added layer of security. Many sanctioned cloud applications and web services enforce access restrictions based on the source IP address of incoming traffic. To establish a connection with these remote SaaS services, your traffic must originate from a particular IP address that is pre-registered. Any traffic originating from different IP addresses will be denied access by these remote applications.

Don't get hacked! Apply the right vulnerability metrics to Kubernetes scans

This is not a beginner’s blog post. As such, we will not tell you about the importance of securing your Kubernetes infrastructure (it’s important). However, if you are here to learn about increasing the efficiency of your security work and the blind spots you may have, you have come to the right place. You may have heard of and are already using CVSS as your gold standard for vulnerability prioritization.

Deploy multi-tenant Red Hat OpenShift clusters with Calico's namespace and workload isolation

As you are using OpenShift or are planning to use it for your containerized applications, ensuring robust security is crucial. As you dive deeper and your workloads become more complex, the need for advanced security measures becomes apparent. This is where Calico’s microsegmentation capability helps to achieve tenant and workload isolation. Let’s explore how Calico can be a game-changer in strengthening the security posture of your OpenShift environment.