Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Containers

armo

What is the difference between a root process and a containerized root process?

May 29, 2024 By Ben Hirschberg In ARMO
To answer this question, let’s first look at some history. Processes are software instances running in their own memory spaces. They enable a user to execute multiple software instances in parallel on the same computer. The concepts are derived from operating systems of the 1960s, with UNIX first being released in 1971. In today’s operating systems, every process is associated with an identity to which authorizations are bound. This enables the definition of access controls around processes.
Read Post
tigera

Container Security: Protect your data with Calico Egress Access Controls

May 28, 2024 By Utpal Bhatt In Tigera
23andMe is a popular genetics testing company, which was valued at $6B in 2021. Unfortunately, there was a massive data breach in December 2023, which caused a steep decline in the company’s value and trust, plummeting the company to a penny stock. While this breach was not directly related to Kubernetes, the same risks apply to containers running in your Kubernetes environments.
Read Post

Ticker News: Major 2024 Cybersecurity Concerns With Loris Degioanni, Sysdig

May 28, 2024 By Sysdig In Sysdig
Loris Degioanni, CTO and Founder of Sysdig, stopped by the Ticker News studio to discuss the major cybersecurity concerns of 2024. In the cloud, attacks are fast. Companies have 5 seconds to discover an attack, 5 minutes to investigate, and 5 minutes to respond. How can companies secure their environment when keeping pace with the speed of the cloud?
View Video
sysdig

DDoS-as-a-Service: The Rebirth Botnet

May 28, 2024 By Sysdig Threat Research Team In Sysdig
In March 2024, the Sysdig Threat Research Team (TRT) began observing attacks against one of our Hadoop honeypot services from the domain “rebirthltdio). The threat actors operating the botnet are financially motivated and advertise their service primarily to the video gaming community, although there is no evidence that this botnet is not being purchased beyond gaming-related purposes, and organizations may still be at risk of falling victim to these botnets attacks.
Read Post
trilio

Effective Disaster Recovery Testing: Technical Guide

May 24, 2024 By David Safaii In Trilio
The distributed and complex nature of Kubernetes applications empowers agility and scalability but also presents unique challenges when it comes to disaster recovery (DR). Handling the interplay of containers, microservices, and persistent volumes requires a robust and well-tested DR plan to ensure business continuity in the face of unexpected disruptions. A poorly tested or inadequate disaster recovery testing strategy can lead to prolonged downtime, data loss, and significant financial setbacks.
Read Post

AI Workload Security

May 23, 2024 By Sysdig In Sysdig
AI usage has exploded. In just a few years, it's gone from something the enterprise should track to a powerful technology set we rely on. This sharp rise has created a world of opportunity and a new set of security challenges that we need to be aware of, but not scared of. And that's why I'm excited to share our new AI workload security feature. By understanding where they are running, Sysdig helps you control shadow AI and active AI risk and keeps you ahead of emerging AI regulations because you'll know what AI workloads you have, where they are, and what risks are associated with them.
View Video
sysdig

Leadership Strategies for Risk Reduction, Transparency, and Speed

May 22, 2024 By Crystal Morin In Sysdig
To respond to the increasing number of federal cybersecurity recommendations and regulations, cybersecurity leaders and their teams need to be confident in the transparency and resiliency of their security processes. The key is a strong and well documented risk management program. This is imperative for the compliance or incident audits that come with regulations.
Read Post
styra

Comparing OPA/Rego to AWS Cedar and Google Zanzibar

May 22, 2024 By Tim Hinrichs In Styra
Rego, the policy language of the Open Policy Agent (OPA), is known for its flexibility and power in policy enforcement across various systems. Its declarative syntax and data-centric approach make it versatile for application authorization, infrastructure as code (IaC) authorization, and network policies. To fully appreciate OPA/Rego’s capabilities, it’s helpful to compare it with other policy languages and frameworks like AWS’s Cedar and Google’s Zanzibar.
Read Post
tigera

What's new in Calico - Spring 2024

May 21, 2024 By Giri Radhakrishnan In Tigera
Calico, the leading solution for container networking and security, unveils a host of new features this spring. From new security capabilities that simplify operations, enhanced visualization for faster troubleshooting, and major enhancements to its popular workload-centric distributed WAF, Calico is set to redefine how you manage and secure your containerized workloads. This blog describes the new capabilities in Calico.
Read Post

Copyright © 2024 OpsMatters™. All rights reserved.