Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Development teams of all sizes are embracing the excitement and possibility of using AI tools to build software. Coding assistants like Google Gemini and Github Copilot have the potential to accelerate development like never before, and developers are adopting these tools — whether or not leadership has officially approved them. As your team considers the best ways to adopt this new technology, this transition might feel like déjà vu.

Securing Kubernetes environments is a continuous task, but the journey is fraught with challenges, particularly when addressing misconfigurations. This blog post explores the nuances of securing Kubernetes without disrupting applications, exploring the challenges, and proposing strategies for effective resolution.

Sisense is a popular monitoring tool that enables users to monitor business metrics from multiple third-party sources in a single dashboard. On April 10, the company informed customers that the sensitive information they entrusted with Sisense may have been compromised and urged them to reset their password and rotate their secrets. According to KrebsOnSecurity, the attackers were allegedly able to access GitLab repositories hosted by Sisense, where hard-coded secrets may have been found.

TruffleHog and Gitleaks are popular secrets scanning tools that can automatically surface hardcoded secrets such as API keys, passwords, and tokens. They can both be integrated into the Software Development Lifecycle (SDLC) to proactively scan repositories to identify and rectify potential issues before they can be exploited. The need for effective secret detection tools underscores a broader shift toward more secure software development practices.

When it comes to backup and disaster recovery, Vembu offers two robust solutions: BDRSuite and BDRCloud. While both are designed to deliver comprehensive protection for your data, they cater for different deployment preferences. BDRSuite and BDRCloud are cost-effective and comprehensive backup and disaster recovery solution offering.

Microsoft’s initiative to phase out NTLM authentication in favor of the more secure Kerberos protocol was originally announced back in October 2023. At that time, the Windows maker declared its intention to deprecate NTLM and encourage organizations to transition to Kerberos for authentication purposes across its ecosystem. Microsoft announced this week that later this year they are expecting to retire NTLM authentication in Windows 11.