When running containers in a Kubernetes cluster, trusting the images you deploy is key to enforce security. The use of mutable images represents a risk to the secure Kubernetes deployment and highlights the importance of having a reliable mechanism to ensure you run what you expect. In this blog, you will learn step-by-step how to implement a secure Kubernetes deployment.
Have you ever looked at the curriculum offered in a Computer Science program? Across many different universities, there are some commonalities among the courses students take. Generally, there’s an introductory course in the first semester that introduces students to the world of computer science. Then over the course of subsequent semesters, students take courses about programming (including an introduction to OOP), databases, data structures, etc.
Today’s threat actors often carry out cyber attacks with the primary objective of accessing and exfiltrating sensitive information from your IT environment. Efforts to obtain this “crown jewel” information usually involve complex multi-phase cyber attacks. But another way in which sensitive data ends up in the hands of malicious actors with a lot less effort is when an organization exposes sensitive data assets in a data leak incident.
With flexible work environments now the norm, the use of endpoint devices has increased – whether your organization allows work-from-home days, hires freelancers, and collaborates through email and phone calls. Many employees require access to the corporate network to carry out their daily responsibilities, and endpoint devices allow employees to do just that. That said, endpoints have become one of the biggest attack vectors for cybercriminals since they are easier to target.
If you work in an organization, you’ve probably had to take a cybersecurity training course at some point during your time there. Regardless of whether you work in cybersecurity or not, most of us breeze through the slides or videos, halfway listening to the warnings about spear phishing emails and hacking tactics. We complete the training and then we tuck away the lessons learned until the next year when we have to do it all again.
No security team — at least no effective security team — can operate successfully in a silo. Even expert teams know the value of leveraging the power of the community to build effective security content, share intelligence, and keep current with best practices.
Reduce the time your team spends investigating security issues by using a customizable dashboard that shows your organization’s entire security posture. With the new Sumo Logic and Panther integrations for 1Password, you can monitor potential risks around company data or credentials stored within 1Password.
John Tuckner is a recognized leader in the field of security automation. As Principal Technical Program Manager at Tines, John helps new and existing customers identify more opportunities to leverage the platform, and enables them to build transformative automation workflows to improve their security operations.
From TVs to fridges to energy meters, more and more of the items we use every day are now smart devices. 87% of US households have at least one smart TV, up from 50% in 2014. And with ownership of smart speakers, thermostats, lights, and security systems also on the rise, it’s expected that smart homes will soon become the norm. This ever-expanding network of smart devices is known as the Internet of Things (IoT).
The JFrog Security research team continuously monitors popular open-source software (OSS) repositories with our automated tooling to avert potential software supply chain security threats, and reports any vulnerabilities or malicious packages discovered to repository maintainers and the wider community. At times, we notice trends that are worth analyzing and learning from.
