Technology

CNCF accepts Kubescape as its first security and compliance scanner project

Jan 11, 2023 By Craig Box In ARMO

Kubescape, an end-to-end open-source Kubernetes security platform, embarks on a new journey. Kubescape, created by ARMO, will fully migrate to the CNCF. This coincides with the launch of ARMO Platform, a hosted, managed security solution powered by Kubescape.

Read Post

ARMO

Read more about CNCF accepts Kubescape as its first security and compliance scanner project

OSPO security evolution: The Kübler-Ross Model of open source

Jan 11, 2023 By Dan Appelquist In Snyk

What’s in an OSPO? Open Source Program Offices are popping up all over, in recognition of the facts on the ground: open source software (and I would argue open standards as well) plays an enormous role in building and maintaining the software that increasingly drives the planet.

Read Post

Snyk

Read more about OSPO security evolution: The Kübler-Ross Model of open source

Improve your AWS security posture, Step 2: Avoid direct internet access to AWS resources

Jan 11, 2023 By Chris Maes In AT&T Cybersecurity

In the first blog in this series, we discussed setting up IAM properly. Now we’re moving on to the second step, avoiding direct internet access to AWS resources. When AWS resources like EC2 instances or S3 buckets are directly accessible via the Internet, they are vulnerable to attack. For example, brute force attacks on SSH login, denial of service (DOS) attacks on server resources via Layer 3, 4, or 7 flooding, or the inadvertent disclosure of data on an S3 bucket.

Read Post

AT&T Cybersecurity

Read more about Improve your AWS security posture, Step 2: Avoid direct internet access to AWS resources

Self-Hosted vs. Cloud-Based Password Manager

Jan 11, 2023 By Craig Lurey In Keeper

A few customers have asked about the pros and cons of a self-hosted password management solution, such as Bitwarden. Since I have a lot of experience with this topic, I thought I would share some of the key reasons to use a cloud-based password manager like Keeper, instead of a self-hosted password vault.

Read Post

Keeper

Read more about Self-Hosted vs. Cloud-Based Password Manager

Tigera 2023 predictions: Cloud native security and the shifting landscape in 2023

Jan 11, 2023 By Ratan Tipirneni In Tigera

Cloud computing and the use of cloud native architectures enable unparalleled performance, flexibility, and velocity. The speed of innovation has driven significant advancements across industries, but as digitalization continues pushing applications and services to the cloud, bad actors’ intrusion techniques have also become more sophisticated.

Read Post

Tigera

Read more about Tigera 2023 predictions: Cloud native security and the shifting landscape in 2023

7 AWS Security Tools for 2023

Jan 10, 2023 By Eyal Katz In Spectral

AWS (Amazon Web Services) allows businesses to quickly and securely build and scale applications. Hence, there is exponential growth in AWS usage among businesses and organizations. For example, As of 2020, AWS held 76% of enterprise cloud usage, reflecting the power and importance AWS holds. This increased use of AWS tools and services opens new doors for cyber attackers. However, AWS is a very reliable cloud service provider that works hard to ensure protection over its infrastructure.

Read Post

Spectral

Read more about 7 AWS Security Tools for 2023

Cloud Asset Inventory and Visualization

Jan 10, 2023 By CrowdStrike In CrowdStrike

Track your cloud asset inventory at a high level in one view and continuously monitor your cloud assets and investigate details about individual assets in the Cloud Assets table and graph. The Asset Inventory Overview shows top counts, trends, detections, and more across multiple clouds. Filter the widgets to see the info you want, and click areas in the widgets to see details in the Cloud Assets table.

View Video

CrowdStrike

Read more about Cloud Asset Inventory and Visualization

AWS hit by Largest Reported DDoS Attack of 2.3 Tbps

Jan 10, 2023 By A10 Networks In A10 Networks

A significant milestone occurred with the reported largest DDoS attack on Amazon Web Services (AWS) reaching 2.3 terabits per second. This is a substantial increase of 70% from the previous record holder, the Memcached-based GitHub DDoS attack in 2018, which measured 1.35 terabits per second. Over the years, these attention-grabbing performance gains in DDoS attacks have been rising consistently, with major high-profile attacks happening every two years.

View Video

A10 Networks

Read more about AWS hit by Largest Reported DDoS Attack of 2.3 Tbps

What is Kubernetes (K8s)?

Jan 9, 2023 By A10 Networks In A10 Networks

Today's term is Kubernetes, a tool that helps manage and automate the deployment, scaling, and management of containerized applications. Kubernetes, also known as K8s, is used to orchestrate containers, which are isolated packages of an application, across multi-cloud and hybrid-cloud environments.

View Video

A10 Networks

Read more about What is Kubernetes (K8s)?

10 of the Most Common IoT Hacks and How to Defend Against Them

Jan 6, 2023 By Louise José In Device Authority

The Internet of Things (IoT) has revolutionised the way we live and work, connecting devices and systems to the internet and each other to create a more efficient and interconnected world. However, as with any new technology, the IoT comes with its own set of security risks and vulnerabilities. In this blog, we will look at the 10 most common IoT hacks and how to defend against them.

Read Post