Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Over the past two years that we have lived with the pandemic, the world has changed dramatically. Those changes provided financial criminals with great opportunities to take advantage of many businesses when they were at their most vulnerable, trying to adjust to a new reality. Remote working environments, the ongoing digitization of services, COVID-19 restrictions – all have contributed to the development of new cyber threats and techniques.

Securing modern-day production systems is expensive and complex. Teams often need to implement extensive measures, such as secure coding practices, security testing, periodic vulnerability scans and penetration tests, and protections at the network edge. Even when organizations have the resources to deploy these solutions, they still struggle to keep pace with software teams, especially as they accelerate their release cycles and migrate to distributed systems and microservices.

The security stack is a crucial part of any company’s IT infrastructure. However, Security teams increasingly report that traditional SIEM solution approaches are “costly, complex, and resource-consuming,” according to a recent ESG survey. Fortunately, there has been significant innovation in how firms approach cybersecurity with new cloud-native technologies stack and breaking free from vendor lock-in and giving themselves more flexibility, cost advantage, and future-proofing.

A core challenge for threat detection engineering is reproducing common attacker behavior. Several open source and commercial projects exist for traditional endpoint and on-premise security, but there is a clear need for a cloud-native tool built with cloud providers and infrastructure in mind. To meet this growing demand, we’re happy to announce Stratus Red Team, an open source project created to emulate common attack techniques directly in your cloud environment.

Wachy is a new Linux performance debugging tool that Rubrik recently released as open source. It enables interesting new ways of understanding performance by tracing arbitrary compiled binaries and functions with no code changes. This blog post briefly outlines various performance debugging tools that we commonly use, and the advantages and disadvantages of each. Then, we discuss why and how we built wachy.

The massive shift to remote work makes managing endpoint security more critical and challenging. Yes, people were already using their own devices for work. However, the rise in phishing attacks during the COVID pandemic shows that all endpoint devices are at a higher risk than before. Plus, more companies are moving toward zero-trust security models. For a successful implementation, you need to secure your endpoints.

Here at Nightfall we ensure that we are always using the most appropriate technology and tools while building services. Our architecture involves serverless functions, relational and NoSQL databases, Redis caches, Kafka and microservices written in Golang and deployed in a Kubernetes cluster. To effectively monitor and easily troubleshoot our services, we use distributed tracing across our services.