The latest News and Information on CyberSecurity for Applications, Services and Infrastructure, and related technologies.
CFEngine 3.17.0 introduced custom promise types, which enable CFEngine users to extend core functionality and policy language in a simple way. As an example of the power and simplicity of this new feature, I will show a promise type that helps to observe a website’s status. The module which implements this promise type was written in a couple of hours.
As we enter a new year, it’s an appropriate time to reflect on our achievements at Tigera and how much Calico Enterprise has evolved over the past year as the industry’s leading Security and Observability solution for Kubernetes Networking and Microservices.
Introduction Many things blur the line between endpoint management and security. Examples? Managing an endpoint. Configuring it. Performing application and software management. And patching the endpoint. The fact is, managing and securing a device is so interrelated that it makes sense for these two functions to come together in a single platform that can accomplish these, and other tasks needed in your IT organization. Here are the seven ways Unified Endpoint Management (UEM) can support security.
Several months ago I started the practice of using CFEngine Enterprise and its Mission Portal UI on a daily basis to manage the connected devices in my home. To start, I brought up an old desktop machine, cfengine-hub, to use as my hub and downloaded Enterprise, which is free for use up to 25 hosts. The next step in using best practices is to deploy policy from a version control repository.
Network security has changed a lot over the years, it had to. From wide open infrastructures to tightly controlled environments, the standard practices of network security have grown more and more sophisticated. This post will take us back in time to look at the journey that a typical network has been on over the past 15+ years. From a wide open, “chewy” network, all the way to zero trust networking. Let’s get started.
In this blog, we will compare and contrast Falco vs. AuditD from a Host Intrusion Detection (HIDS) perspective. AuditD is a native feature to the Linux kernel that collects certain types of system activity to facilitate incident investigation. Falco is the CNCF open-source project for runtime threat detection for containers and Kubernetes. We will dig deeper into the technical details and cover the installation, detection, resource consumption, and integration between both products.