Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Blog

Got Container Security? Make Sure to Secure Code and Supplemental Components

Organizations face numerous primary threats and security concerns when it comes to their container environments. Those issues extend into their build environment, an area which organizations need to protect because it’s usually the least secure aspect of their container infrastructure. They also extend into other areas, including inside the containers themselves.

Why Is Logging Ecosystem So Important?

The logging ecosystem or a logging infrastructure is the set of all components and parts that work together to generate, filter, normalize, and store log messages. The purpose of this logging system is to use logs for solving particular problems. For example, the logs can help to find out the source of the attack. This article defines each component of logging ecosystem and illustrates how they work.

Threats from within

Cyber security is a big deal these days. A very big deal. A deal worth £3.5billion to be precise. The threats are varied and numerous, with attackers constantly shifting their methods and approach to circumvent security. No matter how good cyber security gets and how thorough your processes are, the threat will always remain. What’s interesting here is that a large portion of this threat comes from within your own walls.

Communication: A Significant Cultural Change for Embracing DevOps

Organizations can reap huge rewards by switching to a DevOps software development model. Some enterprises don’t know how to make the change. Recognizing that fact, I’ve spent the past few weeks discussing the benefits of a DevOps model, outlining how organizations can plan their transition, identifying common problems that companies commonly encounter and enumerating steps for a successful conversion. Of course, organizations aren’t finished once they’ve fully embraced DevOps.

The Five Stages of Vulnerability Management

A key to having a good information security program within your organization is having a good vulnerability management program. Most, if not all, regulatory policies and information security frameworks advise having a strong vulnerability management program as one of the first things an organization should do when building their information security program. The Center for Internet Security specifically lists it as number three in the Top 20 CIS Controls.

36 Computing Milestones Every Tech Person Should Know

I was recently asked what I thought were the most significant points in the history of computing. It made me realize most people coming into high tech don’t have a basic understanding of the history of computing, which is important to understand future trends, how products work, and the relationships among computing elements in the technology stack.

Don't Let Malware Hold You Ransom

Ransomware is a relatively new form of malware that poses significant threats to computer networks, even those with effective security systems. It masquerades as legitimate software and uses encryption protocols, like those designed to protect personal information, to lock down files and hold data for ransom. In addition to the increased frequency of attacks, hackers are continuing to grow more sophisticated, targeting high profile businesses that can afford to pay higher ransoms.

Procedures: Runbook Automation that Works

One of the challenges of building and running information technology systems is solving novel problems. That's where frameworks like scrum and agile come in– getting from the unknown to the known with a minimum of frustration and waste. Another challenge is performing known tasks correctly every single time. Here runbooks, checklists, and documentation are your friend.

6 Steps for Establishing and Maintaining Digital Integrity

To create a secure digital profile, organizations need digital integrity. This principle encapsulates two things. First, it upholds the integrity of files that store operating system and application binaries, configuration data, logs and other crucial information. Second, it protects system integrity to make sure applications, endpoints and networks perform their intended functions without degradation or impairment.