Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Technical Blog: What you can't do with Kubernetes network policies (unless you use Calico): TLS Encryption

Kubernetes documentation clearly defines what use cases you can achieve using Kubernetes network policies and what you can’t. You are probably familiar with the scope of network policies and how to use them to secure your workload from undesirable connections. Although it is possible to cover the basics with Kubernetes native network policies, there is a list of use cases that you cannot implement by just using these policies.

Top Best Practices for Storing X.509 Private Keys

Public Key Infrastructure (PKI) plays a vital role in managing the public keys utilized by networks. It’s used for public-key encryption, identity management, certificate distribution, and revocation. The foundation of a PKI system lies in asymmetric cryptography involving a pair of public and private keys. Safeguarding the X509 private key is an essential aspect of PKI management.

What is Elliptic Curve Cryptography?

Elliptic Curve Cryptography (ECC) is a form of public-key cryptography that is based on the mathematics of elliptic curves. It provides a secure way to perform cryptographic operations such as key exchange, digital signatures and encryption. ECC is an alternative to Rivest-Shamir-Adleman (RSA) encryption, which was first released in 1977. Continue reading to learn more about elliptic curve cryptography and why it’s considered the most secure form of encryption.

Encryption in container environments

Kubernetes has become the de facto standard for container orchestration, providing a powerful platform for deploying and managing containerized applications at scale. As more organizations adopt Kubernetes for their production workloads, ensuring the security and privacy of data in transit has become increasingly critical.

Keeper Security Named Winner for Encryption in 2023 Fortress Cybersecurity Awards

We at Keeper Security are proud to announce that we’ve been recognized by the 2023 Fortress Cybersecurity Awards as the overall winner for Encryption. The Business Intelligence Group conducts the annual Fortress Cybersecurity Awards to recognize experts, engineers, people and products in the field of cybersecurity.

Encrypting files and emails: A beginner's guide to securing sensitive information

The content of this post is solely the responsibility of the author. AT&T does not adopt or endorse any of the views, positions, or information provided by the author in this article. In today's digital age, sensitive information is constantly being shared and transmitted over various electronic devices and networks.

RSA Algorithm in Cryptography: Rivest Shamir Adleman Explained

RSA is a popular and secure cryptographic algorithm that encrypts and decrypts data. It provides a secure method for transmitting sensitive data over the Internet. While RSA has some vulnerabilities, it is still utilized for various applications, like digital signatures to authenticate the source of a message. This article describes RSA, how it works, and its major applications. It also explains the security vulnerabilities of RSA and how to mitigate them.

Data Encryption At Rest vs In Motion in Microsoft 365

Data is the most important resource that a company possesses. Any data loss event can be extremely disruptive, with serious consequences including regulatory fines, major revenue loss, and reputational damage. Data encryption is crucial for any organizations that deal with sensitive data including customer and employee information, payment details, company financials, M&A documents, government and defense data, and more.

FIPS 140-2 Encryption for Mobile App Security

Data security is crucial to creating mobile apps, and businesses that create or handle sensitive data must adhere to the Federal Information Processing Standards (FIPS). Data is encrypted before it leaves the mobile device and is decoded in a safe environment thanks to the FIPS 140-2 encryption standard. In this article, we will take a look at the standards and best practices for FIPS 140-2 encryption compliance, covering the fundamentals of ensuring a safe mobile app.

White Phoenix: Beating Intermittent Encryption

Recently, a new trend has emerged in the world of ransomware: intermittent encryption, the partial encryption of targeted files. Many ransomware groups, such as BlackCat and Play, have adopted this approach. However, intermittent encryption is flawed. In this blog post, I will introduce White Phoenix, a tool my team built that takes advantage of the fact that those files aren’t entirely encrypted and can, in the right circumstances, salvage some content from the unencrypted parts of the files.