Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

%term

Prevent DNS (and other) spoofing with Calico

AquaSec’s Daniel Sagi recently authored a blog post about DNS spoofing in Kubernetes. TLDR is that if you use default networking in Kubernetes you might be vulnerable to ARP spoofing which can allow pods to spoof (impersonate) the IP addresses of other pods. Since so much traffic is dialed via domain names rather than IPs, spoofing DNS can allow you to redirect lots of traffic inside the cluster for nefarious purposes.

Monitor system access and unusual activity with Okta logs and Datadog

Okta is a cloud-based identity management service that provides authentication and authorization tools for your organizations’ employees and users. You can use Okta to incorporate single sign-on, multi-factor authentication, and user management services right into your applications.

What is a Cyber Threat?

A cyber threat (or cyber security threat) is the possibility of a successful cyber attack that aims to gain unauthorized access, damage, disrupt, or steal an information technology asset, computer network, intellectual property or any other form of sensitive data. Cyber threats can come from within an organization by trusted users or from remote locations by unknown parties.

Survey Reveals Kubernetes Usage Skyrocketing, but Security Concerns Remain

Containers have become a popular technology for enterprises that need to create agile, scalable and reliable applications. As they’re moving containerized workloads into production, many are adopting Kubernetes for container orchestration. While containerization enables DevOps to deploy software fast and efficiently, it also creates new security challenges, especially for those who’ve accelerated their implementation of this complex technology.

Data governance for regulatory compliance: lessons learned from NYDFS

This week marks six months since the last of three compliance deadlines for the New York State Department of Financial Services (NYDFS) Cybersecurity Regulations. As of March 1, 2019, many financial services firms operating in New York state are now required to abide by a new set of cybersecurity standards that dictate how they manage, share, and control access to data.

Starting a remote-first and multicultural company

At Bearer, we’ve been crafting a remote-first company since day one. Not only are we remote-first, we are, in fact, a multi-regional, multi-cultural, multi-lingual, remote-first company, something even more unique! Since we’ve been running the company this way for more than a year now, we took this as a good opportunity to reflect on the culture and process we've built, hopefully answering some questions you may have about remote-first companies too.

What is Log Auditing?

If you are involved with cyber security, you must have heard log auditing. In this article we discuss the importance and benefits of log auditing and how it can help improving the security posture of your networks. The definition of audit log (also known as audit trail) is quite straightforward. When the system is applied a change, it leads to a parallel one in the behaviour of the system. This change in the behaviour must be recorded in an audit log.

When Employees Waste Time, and What to Do About It

The numbers are shocking. According to the 2019 The State of Work Report, employees spend just 40% of their workday on primary tasks. A Gallup poll showed that disengaged employees cost companies in the United States between $450 and $550 billion per year, and highly engaged teams are 21% more profitable than others. So how can an organization find out what employees are doing when they are on the clock so they can take steps to increase engagement and boost productivity?

How Global Processing Services Uses Tripwire to Achieve & Maintain Policy Compliance

Global Processing Services (GPS) uses Tripwire to solve its biggest security challenge year after year – meeting PCI compliance. Chief Information Security Officer Alex Radford shares how Tripwire solutions help the organization monitor and remediate changes to effectively achieve and maintain policy compliance.