Over 44 records are stolen per second every day due to data breaches, and according to the Risk Based Security Research report published in 2019, databases are the top most targeted assets for malicious actors to exploit organizations’ confidential data. Often, organizations don’t realize their databases have been compromised for months. Once sensitive data is leaked, the damage can’t be undone.
The cybersecurity threat landscape is quickly changing. Administrators have become more cautious when it comes to security and governing access, end users have become tech-savvy and security-aware, and attackers have also raised their game. Living-off-the-land attacks, or LOTL, is one clear trend today, with attackers exploiting preinstalled features and default tools built into system.
USB devices are undeniably valuable, but they can be dangerous. On one hand, they are useful in transporting enterprise-critical data, but on the other, they can wreak havoc if misplaced, corrupted due to a human or hardware-related error, or stolen. It’s no wonder some companies forbid the use of USB devices altogether.
Containers are becoming the new computing standard for many businesses. New technology does not protect you from traditional security concerns. If your containers handle any sensitive data, including personally identifiable information (PII), credit cards or accounts, you’ll need to take a ‘defense in depth’ approach to container security. The CI/CD pipeline is vulnerable at every stage, from build to ship to runtime.
Today we’re very excited to announce a partnership with Amazon to support Fargate in Sysdig’s product line. We are also announcing that Falco, the world’s most popular runtime security tool for containers, will soon be able to work on Fargate. This is an important milestone. For the first time, Fargate users will enjoy the benefit of deep instrumentation. This will make their workloads more secure, reliable, and efficient.
TLS (and the previously used SSL) protocols make the web go round. They are fundamental when establishing a link between two computers, creating a very special mathematical relationship signified by the all-encompassing gesture of friendship: the handshake. So fundamental, in fact, that we probably take them for granted when we shouldn’t. The user relies on TLS encryption every day to protect data and the integrity of a session.
It’s not uncommon for government entities to look to tech leaders in the private sector for trends and technologies. Specifically, the Department of Defense (DoD) has made a concerted effort to modernize software development processes and tool acquisition. In this article, we will reference two 2019 reports created to guide the DoD’s DevSecOps implementation and ongoing success.
Calico is an open source networking and network security solution for containers, virtual machines, and native host-based workloads. Calico supports a broad range of platforms including Kubernetes, OpenShift, Docker EE, OpenStack, and bare metal. In this blog, we will focus on Kubernetes pod networking and network security using Calico. Calico uses etcd as the back-end datastore. When you run Calico on Kubernetes, you can use the same etcd datastore through the Kubernetes API server.
Welcome to the April 2020 edition of the Tigera Calicommunication newsletter! In the March edition, we discussed context-aware flow logs. This edition covers the next component of logging, the audit logs.
