Open Policy Agent in Practice: From Angular to OPA in Chef Automate
From the Open Policy Agent Summit at KubeCon, Michael Sorens from Chef discusses how OPA provides granular authorization within applications:
Security | Threat Detection | Cyberattacks | DevSecOps | Compliance
The Latest Cybersecurity News & Insights From Around The World
%term
Open Policy Agent at Scale: How Pinterest Manages Policy Distribution
From the Open Policy Agent Summit at KubeCon, Jeremy Krach and Will Fu discuss how OPA policies are authored, distributed, and utilized at Pinterest (service mesh, kafka, internal tools). They also cover lessons learned in the process.
TripAdvisor: Building a Testing Framework for Integrating Open Policy Agent into Kubernetes
From the Open Policy Agent Summit at KubeCon, Luke Massa from TripAdvisor discusses how he leveraged OPA’s API and unit test framework. The example shown is a system in which you write k8s admission policy alongside some mock changes to the cluster, some of which should be accepted and some of which should not be, and then run code that tells you whether your policy matches your expectation.
Deploying Open Policy Agent at Atlassian
From the Open Policy Agent Summit at KubeCon, Chris Stivers and Nicholas Higgins from Atlassian walk through their journey building a global authorization platform with Open Policy Agent and the help of Fluentd, S3, CDN's, Amazon Kinesis, and many more.
Open Policy Agent for Policy-enabled Kubernetes and CICD
From the Open Policy Agent Summit at KubeCon, Jiummy Ray from CapitalOne discusses how you can satisfy compliance, governance, and security requirements effectively with OPA.
17 Ransomware Examples
Ransomware, a type of malicious software or malware, is designed to deny access to computer systems or sensitive data until ransom is paid. While ransomware has been around for decades, ransomware attacks are becoming more sophisticated, spreading through phishing emails, spear phishing, email attachments, vulnerability exploits, computer worms and other attack vectors.
What is Fileless Malware?
Did you know cybercriminals don't need to place malware on your system to get in? Travis Smith, Principal Security Researcher at Tripwire, explains how fileless malware works and how to defend against it.
PSA: Beware of Exposing Ports in Docker
Docker is an awesome technology, and it’s prevalent in nearly every software developer’s workflow. It is useful for creating identical environments and sharing them between development, testing, production, and others. It’s a great way to ship a reliable software environment between systems or even to customers. However, like with any technology, one must know how to be secure when using it.
What is Sextortion?
What is Sextortion? Sextortion is a way of criminally extorting money from a victim or forcing the victim to carry out an act unwillingly. More often than not, the attacker threatens to publicly release embarrassing, personal images or video footage of the victim. Pornographic blackmail is commonly the angle used in sextortion.
The New Sumo Logic AWS Security Quick Start
Security is a top concern for any enterprise to move their applications and workloads to the public cloud. AWS offers a broad selection of native security tools and as our Continuous Intelligence Report noted, AWS customers are using several of these to improve the security of their AWS environment. However, it can be overwhelming to know where to start and how to deploy best practices for detecting security misconfigurations caused by human errors and attacks from external sources.