Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Containers

armo

Complete your Kubernetes security with runtime protection

Sep 23, 2024 By Oshrat Nir In ARMO
Kubernetes today is the de facto standard for container orchestration, deployment automation, scaling, and management of containerized apps. The robustness and scalability of this open-source platform make it a valuable tool for businesses leveraging cloud-native technologies and DevOps practices. However, as with any technology that handles sensitive data and crucial operations, the importance of security in Kubernetes environments can’t be overstated.
Read Post
sysdig

Shift left with the Sysdig extension for Visual Studio Code

Sep 23, 2024 By ashish chakrabortty In Sysdig
Adversaries exploit security blind spots and sneak through traditional defenses to craft attacks that impact your operations, or even worse, your reputation. One recent example is the Revival Hijack supply-chain attack, where threat actors registered new PyPi projects with names of previously deleted packages. One way to counter this imminent threat is to “shift left,” or take ownership of the code’s security posture earlier in the development process.
Read Post
sysdig

Harden your LLM security with OWASP

Sep 19, 2024 By Nigel Douglas In Sysdig
Foundationally, the OWASP Top 10 for Large Language Model (LLMs) applications was designed to educate software developers, security architects, and other hands-on practitioners about how to harden LLM security and implement more secure AI workloads. The framework specifies the potential security risks associated with deploying and managing LLM applications by explicitly naming the most critical vulnerabilities seen in LLMs thus far and how to mitigate them.
Read Post
sysdig

Prioritize Security Without Sacrificing Productivity: Balancing Identity Management and Risk Tolerance

Sep 19, 2024 By Crystal Morin In Sysdig
In the fast-paced, large-scale world of digital business, establishing and managing an acceptable risk tolerance related to user identities — both human and machine — is a critical element of organizational security. At the forefront of this challenge is the need to strike the right balance between ensuring robust security and maintaining an environment that doesn’t impede innovation. After all, identities are the new perimeter in the cloud.
Read Post

Navigating Access Challenges in Kubernetes-Based Infrastructure

Sep 19, 2024 By Teleport In Teleport
Organizations often find that as they deploy their K8S infrastructure into production and across their company, what worked well for managing access during development does not scale efficiently. Research shows that this often leads to serious security risks including breaches. So, new access challenges emerge, particularly as teams scale. Join us for a 30-minute deep dive into how to secure access to Kubernetes-based environments including clusters, databases, and applications in a scalable way.
View Video
armo

CEL and Kubescape: transforming Kubernetes admission control

Sep 12, 2024 By Oshrat Nir In ARMO
Admission control is a crucial part of the Kubernetes security, enabling the approval or modification of API objects as they are submitted to the server. It allows administrators to enforce business logic or policies on what objects can be admitted into a cluster. Kubernetes RBAC is a scalable authorization mechanism, but lacks the fine grained control over different Kubernetes objects. This creates the need for another layer of control which is Admission Policies.
Read Post
sysdig

Enhancing CISO-Board communication: Three key questions for the CISO to answer

Sep 10, 2024 By Suresh Vasudevan In Sysdig
A challenging dynamic exists between the CISO and the Board of Directors. While both stakeholders focus on risk management, their approaches to risk and the language they use are notably different. Though regulations like the NIS2 directive and SEC cybersecurity disclosure rules have given CISOs a bigger seat at the table, the legal requirements and operational prioritization to meet them have exposed a difference in perspective and understanding between the two roles.
Read Post
tigera

What's New in Calico Cloud Summer 2024 Release

Sep 9, 2024 By Dhiraj Sehgal In Tigera
In the rapidly evolving world of container security, staying ahead of threats and keeping abreast of vulnerabilities is crucial. Calico Cloud continues to lead the way with new capabilities designed to enhance security posture, reduce noise, and improve operational efficiency for Security and DevOps teams. Here’s a comprehensive look at how these enhancements can impact your security posture and streamline your operations.
Read Post

Copyright © 2024 OpsMatters™. All rights reserved.