How Will the CMMC Impact My Business and How Can We Prepare? Part 1 of 3

In June of this year, my colleague Tom Taylor wrote about the DoD’s announcement to instate the Cyber Security Maturity Model Certification (CMMC) and elaborated on the fact that, with the CMMC, the DoD appears to be addressing our customers’ core compliance pain points: Since its announcement in May, the DoD kicked-off a “listening tour” to solicit feedback from the Defense Industrial Base sector, according to the CMMC website.


Is Web Filtering Turning into Inline App API-JSON Filtering?

The answer depends on where you desire to control apps and to what depth of policy controls are required. Next generation firewalls (NGFW) long ago recognized apps in allow or deny policy controls for user identity, content type, and app identity. URL categories in secure web gateways (SWG) were too broad to delineate specific apps and use cases, plus an associated app risk profile.


How Are Serverless Applications Attacked?

Serverless frameworks have become the next big thing in application development, allowing companies to release new features and functionality while focusing on innovation, rather than managing servers and machines. With that, new types of risks and attacks are emerging. Serverless frameworks are definitely not less secure by default, in fact, the opposite is true.


Announcing our AWS CloudTrail Integration

One of the most common reasons for system failures is changes to the underlying infrastructure. Amazon CloudTrail does a great job of recording when actions are taken but a lot of organizations don’t take advantage of it. FireHydrant now includes this data, giving you visibility into changes to your infrastructure while you’re investigating an incident.

Key Trends in Logging Workflows

Logs have been around since the advent of computers and have probably not changed all too much since. What has changed, however, are the applications and systems generating them. Modern architectures — i.e. software and the infrastructure they are deployed on, have undergone vast changes over the past decade or so with the move to cloud computing and distributed environments.


The Top 10 Highest Paying Jobs in Information Security - Part 1

Given a surge in digital threats like ransomware, it is no surprise that the field of information security is booming. Cybersecurity Ventures estimates that there will be 3.5 million job openings across the industry by 2021. Around that same time, the digital economy research firm forecasted that global digital security spending would exceed one trillion dollars.


Why Mattermost built a Kubernetes Operator

Mattermost is a state-of-the-art, highly scalable open source messaging platform for secure team collaboration. Kubernetes is a robust open source container management platform that runs on any land-based or cloud infrastructure and automates the installation, configuration, and maintenance of diverse, highly distributed systems. It sounds like Mattermost and Kubernetes are made for each other. And it’s getting even better.


5 Steps That Helped Me Turn a $15M Loss Into Successful Software Delivery

Pierre Bouchard has more than 20 years of experience applying effective engineering solutions for the most complex problems at companies including JP Morgan Chase, BNY Mellon and Wells Fargo. In our first innovator spotlight, we asked him to share his unique perspective on how to drive innovation, motivate engineers and promote accountability throughout the organization. Consider yourself a true innovator? Reach out for a chance to be featured as a part of our Innovator Series.


Remote Access Vulnerabilities Found in Popular IoT Devices and Routers

New research shows that vulnerabilities are becoming increasingly more common in our connected devices. As 'smart' Internet-connected devices become more prevalent, so does the potential attack surface for cyber-attacks. While it's truly impossible for any Internet-connected device to be 100% secure from exploitation, manufacturers are not even doing the bare minimum to secure these devices by neglecting to include security by design into the development stage.