Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

The timing of CISA’s SBOM-a-rama today and tomorrow coincides with the fallout from the “vulnerability of the decade” gifting the industry with yet another example of why scaling and operationalizing the widespread use of SBOMs is so vital. Log4Shell is a 10/10 vulnerability in a hugely popular Java logging library – Log4j – used in virtually every online service. For two decades it was considered harmless, that is until last week when somebody found it wasn’t.

According to IBM’s Cost of a Data Breach Report 2021, the global average cost of a data breach is estimated to be $4.24 million. Cyberattacks cost organizations time and money, not only in the form of data loss but also through irreversible damage to their reputations, leading to the loss of customers. After security breaches, customer loyalty is almost impossible to regain.

On December 9, 2021, a critical vulnerability in the popular Log4j Java logging library was disclosed and nicknamed Log4Shell. The vulnerability is tracked as CVE-2021-44228 and is a remote code execution vulnerability that can give an attacker full control of any impacted system. In this blog post, we will: We will also look at how to leverage Datadog to protect your infrastructure and applications.

Speak with any customer in tech and the word Kubernetes will surely find its way into the conversation at some point or another. In terms of orchestration, automating deployments, scaling, managing containerized applications to meet growing customer demand, Kubernetes provides users with extensibility and flexibility.

Concepts like AI-based video editing and augmented video processing are not just buzzwords anymore. Fraudsters now have easy access to plug-and-play products that enable them to use the power of deep learning and advanced AI to anonymize, mask, and alter images and videos. These spoofs also known as presentation attacks include printed photos, cutout masks, digital and video replay attacks, and 3D masks.

GKE Autopilot from Google Cloud is a mode of operation in Google Kubernetes Engine (GKE) designed to simplify working with Kubernetes in the cloud. Pairing secure DevOps practices with GKE Autopilot will help you and your teams ensure the security, compliance, and performance of your workloads and applications. Sysdig has collaborated with Google Cloud to enable visibility and security for GKE Autopilot and your containers.