Operations | Monitoring | ITSM | DevOps | Cloud

The latest News and Information on CyberSecurity for Applications, Services and Infrastructure, and related technologies.

Hey, [Insert Family/Friend Name Here], Let's Talk About Online Security

2020 keeps on proving the old adage, “It gets worse before it gets better.” We still seem to be in the “worse” stage. If you’ve been paying attention to the news—and I don’t blame you if you’ve been taking a break for sanity’s sake—you might have noticed (in addition to the reports about the pandemic and social issues) hacks and general security breaches have been ramping up.

Automate registry scanning with Harbor & Sysdig

Discover what registry scanning is, how it helps with shifting security left, and how you can implement it using Harbor and Sysdig. Shifting security left is all about moving security to the earliest possible moment in the development process, dramatically improving “time to fix” and security impact. In this article, we’re going to show you how to shift left with Harbor registry and Sysdig Secure.

How Calico Enterprise Enables Your Kubernetes Multi-Tenancy

In this talk, we will explore Kubernetes multi tenancy concepts and design patterns. Specifically, we will go over the network and network security design patterns needed for enabling multi tenancy within your k8s clusters using key capabilities of Calico Enterprise. Explore multi-tenancy use-cases in Kubernetes Learn about the core concepts and design patterns behind multi tenancy in Kubernetes Understand the key capabilities of Calico and Calico Enterprise that enable multi tenancy

How to monitor etcd

Learning how to monitor etcd is of vital importance when running Kubernetes in production. Monitoring etcd will let you validate that the service performs as expected, while detecting and troubleshooting issues that could take your entire infrastructure down. Keep reading to learn how you can collect the most important metrics from etcd and use them to monitor this service. etcd is a foundational component of the Kubernetes control plane.

Enabling Microsegmentation with Calico Enterprise

Microsegmentation is a security technique that is used to isolate workloads from one another. Microsegmentation limits the blast radius of a data breach by making network security more granular. Should a breach occur, the damage is confined to the affected segment. Application workloads have evolved over time – starting from bare metal, to a mix of on-prem and cloud virtual machines and containers.

No, You Still Don't Need a Blockchain

A couple of years ago, I wrote about why you don’t need a blockchain. Blockchain is one long transaction log that always gets written to and is never backed up. It’s a ledger, more or less, with some math. And while distributed ledgers can be useful for some scenarios, I’m here today to say you still don’t need a blockchain. What turns a distributed ledger into a blockchain is cryptography for creating a digital signature to reduce the risk of data tampering.

Collecting and analyzing Zeek data with Elastic Security

In this blog, I will walk you through the process of configuring both Filebeat and Zeek (formerly known as Bro), which will enable you to perform analytics on Zeek data using Elastic Security. The default configuration for Filebeat and its modules work for many environments; however, you may find a need to customize settings specific to your environment.