Cybersecurity frameworks are blueprints for security programs. Typically developed by governmental organizations, industry groups, or international bodies, they take the guesswork out of developing defense strategies, providing organizations with standards, guidelines, and best practices to help them manage and reduce their cybersecurity risks.

Containerization has revolutionized application development, deployment, and management – and for good reason. The ability to automatically wrap an application and its dependencies into a single, easily deployable package helps developers focus on what they do best: writing code.

In today’s connected world, many organizations’ “keys to the kingdom” are held in identity and access management (IAM) solutions; these play a crucial role in protecting organizations’ assets. In this post, we delve into the world of Keycloak, a popular open-source IAM solution. As part of our work at CyberArk Labs, we research open-source projects and look for security issues so we can share our findings with the open-source and security communities.

Imagine standing in your favorite ice cream parlor, gazing at myriad flavors chilling behind the counter. The choices are tantalizing, from traditional vanilla and chocolate to a swirl of the two. Ice cream flavors have evolved from these bases into cookies and cream, mint chocolate chip, Neapolitan, birthday cake, Rocky Road, butter pecan and coffee – you get the picture. Ice cream is a lot like privileged access management (PAM) solutions.

A security flaw that impacts specific versions of GitLab's Community and Enterprise Edition products was just detected. This vulnerability can be exploited to execute pipelines under any user's credentials. GitLab is a web-based DevOps platform offering tools for software development, version control, and project management. Launched as an open-source project in 2011, it has become a powerful solution used globally by millions.

2024 is expected to be another year of strong growth in the SASE market. Dell’Oro Group predicts the SASE market will surpass $10 billion by the end of the year “representing more than a doubling of the total market in three years,” according to Mauricio Sanchez, Senior Research Director of Dell’Oro Group. Gartner expects the market for SASE to reach $25 billion by 2027. What’s driving this trend?

Adversaries are not breaking in; they are logging in. The CrowdStrike 2024 Global Threat Report highlights an alarming trend: In 75% of cyberattacks detected in 2023, adversaries gained initial access through malware-free methods. This means they acquired valid credentials via techniques such as password spraying or phishing — or they simply purchased them off the dark web.

Cloud systems were created to maintain information on a comprehensive, accessible, and flexible platform. Although this system is still preferred by many companies, especially multinationals, to facilitate access to information between different teams within organizations, irresponsible use of the Cloud can create serious problems for corporate cybersecurity. Ticketmaster is a recent case in point.

In Arctic Wolf’s The State of Cybersecurity: 2024 Trends Report, we asked organizations what their primary area of concern was regarding cybersecurity, and for the third year running the answer was crystal clear: Ransomware.

Protecting mission-critical Linux machines is essential for any business. Sophisticated cyber attacks can start from a low-value target machine and pivot into high-value servers filled with sensitive information. However, many organizations face challenges when their infrastructure includes older Linux kernels that do not support modern tracing technologies.