Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

%term

The origin of Open Policy Agent and Rego

Why the cloud-native architecture required a new policy language I recently started a new series on the Open Policy Agent (OPA) blog on why Rego, OPA’s policy language, looks and behaves the way it does. The blog post dives into the core design principles for Rego, why they’re important, and how they’ve influenced the language. I hope it will help OPA users better understand the language, so they can more easily jump into creating policy of their own.

Hardening Windows security: How to secure your organization - Part 2

We’re back with part two of our three-part blog series on living-off-the-land attacks. If you missed part one, you can read it here. In a nutshell, living-off-the-land (LOTL) refers to a type of attack where the attacker uses the tools and features that already exist in the target environment to carry out malicious activities. The concept of LOTL is not new, but LOTL and file-less attacks have been gaining popularity over the last few months.

Performing Image Scanning on Admission Controller with OPA

In this post we will talk about using image scanning on admission controller to scan your container images on-demand, right before your workloads are scheduled in the cluster. Ensuring that all the runtime workloads have been scanned and have no serious vulnerabilities is not an easy task. Let’s see how we can block any pod that doesn’t pass the scanning policies before it even runs in your cluster.

PCI Compliance for Containers and Kubernetes

Attend our webinar about PCI compliance in containers & Kubernetes: Download our PCI Guide: More info in our blog: Many of your applications are now starting to run on containers in the cloud. If your applications are at all dealing with credit card data, you may be wondering how to validate PCI compliance, a well known regulation for handling this data securely. PCI is also a must have requirement to check off before your code gets to production.

Kubernetes Threat Intelligence: Detecting Domain Generation Algorithms (DGA)

Malicious actors often use Domain Generation Algorithms (DGA) to exploit the DNS protocol and execute command-and-control (C & C) malware attacks. In this webinar, threat researchers Manoj Ajuhe and Chris Gong from Tigera’s Threat Detection Team will be sharing the latest insights into DGAs, the risks they present, along with best practices to speed detection and mitigation.

The MITRE ATT&CK Framework: Privilege Escalation

Anyone who has had any experience on the offensive side of security has had fun with privilege escalation. There’s something exciting about exploiting a system to the point of getting root-level access. Since I have spent most of my time on the defensive side of the fence, the magic of escalating privileges rested in Exploiting for Privilege Escalation or stealing an administrator’s credentials.

Best Practices for Building API Integrations

Modern applications aren’t built in silos. They rely on the features of other applications. This reliance can come in the form of open-source libraries, access to a wealth of data, or complex features distilled down into a consumable API. Incorporating third-party dependencies into your own project can be challenging. It comes with the benefits of faster development, and the downside of reliance. There is a relationship that happens when using a dependency.

What are the PCI DSS Security Audit Procedures?

The Payment Card Industry Data Security Standard (PCI DSS) represents an information security standard designed for organizations that store, process, or transmit credit cards and are exposed to cardholder data. The card brands themselves have advocated for the PCI standard which is administered by the Payment Card Industry Security Standards Council (PCI SSC). Given organizations are interested in compliance, many ask the question “what are the PCI DSS Security Audit Procedures”?

COVID-19 sets the stage for cyberattacks: How to protect your business while working remotely

Businesses are shifting their operations to a remote work model in the midst of the COVID-19 lockdown. While this enables business to generally continue as normal, there has also been a rise in cyberattacks because of this shift as reported by national cybersecurity agency CERT-In. Security experts have also predicted a 30-40 percent hike in cyberattacks due to increased remote working.