Generally, cf-agent runs as a privileged user. But did you know that you can also run as an unprivileged user? A major benefit of running cf-agent unprivileged is the ability to prototype policies during development. However, attempting to execute cf-agent as an unprivileged user without proper configuration will result in errors.

Modern SecOps teams use Security Information and Event Management (SIEM) software to aggregate security logs, detect anomalies, hunt for threats, and enable rapid incident response. While SIEMs enable accurate, near real-time detection of threats, today's SIEM solutions were never designed to handle the volume of security data organizations generate daily. As daily log ingestion grows, so do the costs of data management.

In the wake of the Microsoft-CrowdStrike incident on July 19, 2024, Squadcast community has been actively reflecting on the lessons learned from this disruptive event. This global outage, affecting 8.5 million Windows machines, has served as a critical case study for incident management and operational resilience.

When enterprises transition to a microservices model, they often need to migrate their legacy applications to the new infrastructure. One popular framework used for these traditional applications is.Net. Due to migration, enterprises require the ability to run Windows containers in their Kubernetes infrastructure.

n our previous exploration of The Punchcard Paradigm, we traced the roots of modern compliance practices back to the early days of computing. We saw how the physical constraints of punchcards shaped programming practices and how those practices lingered long after the technology had evolved. Now, let’s dive deeper into why modern compliance is more critical than ever in today’s digital landscape.

You ever get that nagging feeling that maybe, just maybe, you’ve missed something crucial in a project? When it comes to deploying Apache Kafka, that “something” often turns out to be security. I’ve been there myself, thinking everything was running smoothly, only to realize later that I’d left the door wide open for potential security issues. Kafka is powerful, but it’s easy to overlook some key security measures if you’re not careful.

Picture a gruff-voiced sergeant from the classic TV series “Dragnet,” but instead of solving crimes, they are navigating the complex world of software delivery. Their catchphrase, “Just the facts” isn’t just a catch phrase – it’s the mantra we need in today’s high-stakes world of DevOps, AppSec and Compliance.

In our journey through the evolution of compliance in the DevOps era, we’ve seen the limitations of traditional compliance methods and the high stakes of compliance failures. Manual processes, siloed teams, and a lack of automation have turned compliance into a bottleneck, hindering the agility promised by DevOps.

In the previous two blogs, we’ve traced the outline of Zero Trust from philosophy and principles to frameworks and marketing terms. In this blog Pete Roythorne talked to Marc Barry, Co-Founder and Chief Product Officer at Enclave, about how you can get started with Zero Trust Network Access. You can read the previous blogs here: To do this we’re going to use CISA’s Zero Trust Maturity Model as a baseline for understanding.