Uh oh, the site’s certificate has expired. How do we generate a new one? Where’s the private key? Which servers need the new cert? What even goes in the cert? If this sounds all too familiar, rest assured you’re not alone. Outages due to expired certs are far too common and it happens to sites of all sizes (one recent example includes Microsoft Teams going down for several hours due to an expired cert). Disruptions like this are entirely preventable with proper monitoring in place.

The global corporate landscape is on the brink of a complete premises lockdown in light of the COVID-19 crisis. Service disruption is inevitable, and enterprises’ business continuity plans are being put to the test. Despite this challenge, it’s heartening to see companies across nations take quick steps to ensure the health and safety of their employees during these trying times.

Like many of my peers, my role as a Chief Security Officer (CSO) has dramatically changed as we work to understand and adapt to COVID-19. It’s hard to believe that just a few weeks ago, my mind was focused on things such as FedRamp and the California Privacy Act (CCPA), now the majority of my time is focused on ensuring our employees safety and productivity, so they can continue to deliver products and support our customers and partners.

Employee monitoring has become a standard practice across different industry verticals to examine productivity and ensure that company resources are being used in the right manner. In addition to keeping a track of the manner in which employees are working, it also allows preventing theft and serves as evidence in litigation. Employee monitoring applications offer a means of tracking the activities of employees and remove any guesswork about what employees are doing throughout the day.

In 2019 multiple cities, hospitals and educational institutions in the U.S. were crippled by ransomware, including Baltimore, Atlanta, New York City, Regis University in Denver and Monroe University in New York. In the the last 12 months, the infosec community has seen these ransomware operators seriously upping their game (see Ryuk ransomware).

If you're a cybersecurity leader with decades of experience in the industry, I am sure you've helped your organization navigate major security issues related to remote working. Technology has evolved drastically across the decades, with new attack surfaces emerging with each shift.

Kubernetes 1.18 is about to be released! After the small release that was 1.17, 1.18 comes strong and packed with novelties. Where do we begin? There are new features, like the OIDC discovery for the API server and the increased support for Windows nodes, that will have a big impact on the community. We are also happy to see how some features that have been on Alpha state for too long are now being reconsidered and prepared for the spotlight, like Ingress or the API Server Network Proxy.

When China built an entire emergency hospital in a matter of days in Wuhan – a city about the size of NYC that most of us had never heard of – the world was watching with concern, but somehow still expected and hoped that the crisis would somehow remain contained to China, or at least Asia. People in Europe and the U.S.

The National Institute of Standards and Technology (NIST), a physical sciences laboratory and a non-regulatory agency of the United States Department of Commerce, recently released their guidelines for password security. Some of them are contrary to what we’ve come to believe are good password policies. Our IT security expert will talk more about these guidelines in our upcoming webinar. Let’s take a look at what some of them are.