Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

%term

Open Policy Agent user survey validates need for cloud native authz

We recently surveyed the Open Policy Agent (OPA) community to gauge use case adoption, pain points and generally help guide the project. The recent survey results reflect how much the community has grown over the past year. This time we received 204 responses from over 150 organizations across North America, Europe, Asia, Australia and Africa. Over 90% of respondents indicated they are in some stage of OPA adoption (e.g., pre-production, production, etc.).

Kubernetes Security: Lateral Movement Detection and Defense

What is Lateral Movement? Lateral movement refers to the techniques that a cyber-attacker uses, after gaining initial access, to move deeper into a network in search of sensitive data and other high-value assets. Lateral movement techniques are widely used in sophisticated cyber-attacks such as advanced persistent threats (APTs).

The Fundamental Steps Every IT Admin Must Take to Prevent Ransomware

For enterprises that have at least some part of their IT environment in the cloud, the key to protecting data starts with understanding the layers of the cloud stack and their corresponding security risks. Each layer has its own unique threat potential, and when IT teams understand how data transacts at each layer, they can take appropriate measures to safeguard against those threats. One of the most common is ransomware.

Can API Governance Help with Third-party APIs?

APIs are everywhere within your organization. Many may be internal, but we’re willing to bet there are many third-party web services and APIs that your business depends on too. Keeping track of them all, and ensuring that your team chooses the best APIs for their needs can be a challenge. In some cases, your organization may be using an API they don’t even know about. The solution to this “web of APIs” is to apply the concept of API governance to your API dependencies.

Why Zero Trust in IAM is the new way forward

The increasing adoption of cloud applications and an expanding remote workforce are redefining network security. In a traditional setting, the emphasis was on perimeter-based security—assuming that everything behind the corporate firewall is safe. However, it’s clear that organizations have to rethink the philosophy of implicit trust in a corporate network.

Are airports and airlines prepared for cyber threats post COVID-19?

The COVID-19 pandemic has unveiled numerous vulnerabilities and shortcomings in the airline industry. What’s worse for aviation in particular over other industries is how airports have essentially served as the portal for the virus traveling from one country to another across the globe. As a result of severe travel restrictions implemented by nearly every country, airline companies have been hit hard and forced into a dire financial situation.

Continuous Intelligence for Atlassian tools and the DevSecOps Lifecycle (Part 1)

Implementing and operationalizing the best practices and capabilities of DevOps into an organization is a key predictor for increased customer satisfaction, organizational productivity and profitability. Doing so successfully can be a challenging endeavour. Implementing DevOps can be particularly difficult because it oftentimes requires technology changes, process changes and a drastic change in mindset.