Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

%term

Firewalls explained: the different firewall types and technologies

Finding the right network security tools to secure your sensitive data can be a significant challenge for any organization. Choosing a firewall may seem like a simple task, but companies can get overwhelmed by the different firewall types and options. Making the distinction between a firewall and other security solutions can also pose challenges. Here are the answers to some of the most common firewall questions.

Top 9 Code Review Tools for Clean and Secure Source Code

Shifting left quality and security testing has finally become a practice that organizations are embracing. But even before testing the code comes code review, beginning at the earliest stages of development. Code review is essential for detecting and remediating code defects and errors before production, when they are relatively easy and less expensive to address.

Risky Business: How COVID-19 changed user behavior

The COVID-19 pandemic caused an abrupt change — a sudden and lasting shift to remote work for the majority of knowledge workers. The number of people working remotely more than doubled in the span of a few weeks. Among the many challenges that security organizations faced during this transition was a change in user behavior.

Best Practices for Secure Infrastructure Access

Technologies build on other technologies to compound growth. It’s no coincidence that of the companies with the highest market capitalization within the US, the first non-tech company is the eighth one down: Berkshire Hathaway. Nor is it a coincidence that tech startups can take their valuation into the 10 digits in a flash on the backs of other tech companies. This pace of growth can only be afforded by the innovation of new technology.

Kubernetes Security - Intrusion Detection and Mitigation

By default, pods are not isolated. This means that malicious actors once inside may wander freely throughout your kubernetes cluster. During this session we’ll discuss the different attack vectors and how to mitigate. Intro to attacking kubernetes and applications Network policies, isolation and quarantining IDS and honeypots concepts

O365 Phishing Attack Used Real-Time Validation against Active Directory

A phishing attack used real-time validation against an organization’s Active Directory in order to steal users’ Office 365 credentials. According to Armorblox, the phishing attack targeted an executive working at an American brand that was named one of the world’s Top 50 most innovative companies for 2019 on a Friday evening.

Cryptocurrency exchange Eterbase hacked, $5.4 million worth of funds stolen

European cryptocurrency exchange platform Eterbase has announced that it has suffered a security breach which saw malicious hackers access its network and steal funds worth US $5.4 million. In a message posted on Telegram, the Slovakian cryptocurrency exchange listed the six hot wallets plundered by cybercriminals for their Ether, Tezos, Bitcoin, ALGO, Ripple, and TRON riches.

Achieving CI Velocity at Tigera using Semaphore

Tigera serves the networking and policy enforcement needs of more than 150,000 Kubernetes clusters across the globe and supports two product lines: open source Calico, and Calico Enterprise. Our development team is constantly running smoke, system, unit, and functional verification tests, as well as all our E2Es for these products. Our CI pipelines form an extremely important aspect of the overall IT infrastructure and enable us to test our products and catch bugs before release.

How to Scan GitHub Repositories for Committed Secrets and other Code Snippets

In 2019, GitHub estimates that over 44 million repositories were created, and over 10 million new developers joined the platform. This comes as no surprise, as GitHub is the world’s largest host of source code. With that designation comes a substantial volume of committed code.