This is a guest post written by Appranix. Now that Red Hat OpenShift 4 has officially been released, it’s time to start thinking about migration from Red Hat OpenShift Container Platform 3 to OpenShift Container Platform 4. You can check out the details about the differences between OpenShift 3 and 4 here. One of the biggest differences between OpenShift 3 and 4 is how OpenShift 4 clusters operate using immutable and automated infrastructure enabled by RHEL CoreOS and automation.

So far in this blog series, we’ve seen how Log360 is simple to get up and running, allows you to receive a central view of multiple environments, provides deep auditing capabilities across these environments, and comes with advanced security features to deal with all manner of security incidents. In the concluding post of this blog series, we’ll look at another highly essential component of SIEM solutions: integrated compliance management.

The recently discovered BlueKeep RDP vulnerability reminds us yet again (as if needed to be reminded) that monitoring RDP is not a luxury but an absolute necessity. Many organizations still expose RDP ports to the Internet, making it a prime target for attacks. But even when RDP is only available internally it can still pose a threat – especially for large networks.

When you build and deploy an application, chances are that you need to store some form of secrets. These are typically things like credentials for 3rd party systems and database credentials. As an ASP.NET Core developer, Microsoft provides you with an easy way to store secrets like these in your development environment, namely the Secret Manager.

In this blog post we are going to cover how to perform Docker image scanning on the Gitlab CI/CD platform using Sysdig Secure. Container images that don’t meet the security policies that you define within Sysdig Secure will be stopped, breaking the build pipeline before being pushed to your production Docker registry.

As discussed in our blog post [What is User Activity Monitoring?], user activity monitoring (UAM) is a form of surveillance that provides visibility and insight into employee productivity and engagement while also revealing insider security threats. While UAM on company-owned or company-sanctioned devices and networks is legal, ethical and HR considerations require that UAM be implemented with a high level of professionalism and sensitivity.

User Activity Monitoring (UAM) tracks the behavior of internal end-users—employees, subcontractors, partners, and so on—on a company’s networks, devices, and other IT resources. UAM, sometimes also called employee monitoring, may be deployed for a number of reasons, such as providing insight into the productivity of both individual employees and the company as a whole. Is Employee X spending too much time browsing the internet for non-business purposes during work time?

Enterprises are increasingly adopting a cloud-first approach and migrating their workloads, data and applications to the Cloud. Amazon Web Services continues to lead the Public Cloud industry with more than 30% of the market. As digital transformation progresses and the digital space expands, so does the attack surface that exposes the ongoing proliferation of security risks. In today’s cloud-first world, security remains the primary concern.

Many individuals feel accomplished after owning a business website; so much so that they even forget to set up security defenses around it. On the other hand, most of the people deliberately skip this step because why would hackers hack small-scale business models, right? You would be surprised to learn that 43% of hackers target small businesses. Besides, 60% of small-scale companies go out of business within six months of a cyberattack.

Signal Sciences is proud to announce our integration with the Datadog platform. This integration furthers our mission of producing the leading application security offering that empowers operations and development teams to proactively see and respond to web attacks—wherever and however they deploy their apps, APIs, and microservices.