The latest News and Information on CyberSecurity for Applications, Services and Infrastructure, and related technologies.
With the release of build.cfengine.com, I have been working to migrate some of our own security related policy into modules of their own. CFEngine Build and the cfbs tooling allows us to organize policy into modules, which are easy to update independently and share with other users. Let’s take the scenic route and look at what life is like with cfbs. One of our security policies requires that the password hashing algorithm in /etc/login.defs is set to SHA512.
We’re thrilled to announce that Frost & Sullivan has awarded the 2021 Asia-Pacific Company of the Year Award for secure remote access to Pulse Secure (acquired by Ivanti). In determining awards, Frost & Sullivan “applies a rigorous analytical process” that includes “detailed evaluation of best practices criteria.”
As the number of connected gadgets in our homes, offices, and industrial networks continues to grow exponentially, keeping IoT devices secure has become a vital part of our everyday lives. However, our webcams, printers, and smart plugs often lack security features due to their fast time to market, making them particularly vulnerable to attack. And because security metrics themselves can be tricky to assess, tracking IoT device security is increasingly a challenge.
A single Kubernetes cluster expends a small percentage of its total available assigned resources on delivering in-cluster networking. We don’t have to be satisfied with this, though—achieving the lowest possible overhead can provide significant cost savings and performance improvements if you are running network-intensive workloads.
This is the second blog post (part 1 available here) where we look at the history of open source identity management. This post focuses on Oauth and OpenID, the protocols currently used in modern applications and services. This post does not cover the technical details of the open source identity management standards, which are explained very well in this Okta blog post. Rather, it explains the origins of Oauth and OpenID, and provides insights on the context that led to their creation.