The latest News and Information on CyberSecurity for Applications, Services and Infrastructure, and related technologies.
As a Senior Solutions Engineer helping customers deploy cloud-native technologies, I have been using Docker and Rancher for more than five years. Heck, I even helped steer Rancher for offline use when it was the 0.19 release. I have loved the product and company for YEARS. We all know how complicated it is to set up Kubernetes, and customers love Rancher because it simplifies that rollout.
Conventional monitoring solutions focussed primarily on analysing the performance of the network. Gradually, the scope of such tools increased, and they are now packed with a host of security features. The focus is now more on forensic analysis, security threat analyzers, TCP analyzers, firewall monitoring, auditing and compliance. So, how do you know which network security monitoring tool is essential for you? Which technique will provide the best ROI for your business?
Common Vulnerability Scoring System (CVSS) scores have been viewed as the de facto measure to prioritize vulnerabilities. Vulnerabilities are assigned CVSS scores ranging from one to 10, with 10 being the most severe. However, they were never intended as a means of risk prioritization. If you’ve relied on CVSS scores alone to safeguard your organization, here’s why you’re probably using them incorrectly.
This post will help you write effective Snort Rules to materially improve your security posture. We’ll begin with a breakdown of how a Rule is constructed and then explore best practices with examples in order to capture as many malicious activities as possible while using as few rules as possible. Snort is an open-source network intrusion detection system (NIDS) that provides real-time packet analysis and is part of the Coralogix STA solution.
An Elastic Security Advisory (ESA) is a notice from Elastic to its users of a new Elasticsearch vulnerability. The vendor assigns both a CVE and an ESA identifier to each advisory along with a summary and remediation details. When Elastic receives an issue, they evaluate it and, if the vendor decides it is a vulnerability, work to fix it before releasing a remediation in a timeframe that matches the severity.
Trend Micro Cloud One is a strong enterprise data security solution for data centers and cloud environments. Trend Micro’s advantages, like most other security tools, lie in its pairing with other security resources. That’s where Logz.io comes in. It brings together disparate data that Trend Micro tracks to create fully summarized dashboards and extremely detailed ones with specific focuses.
As file storage grows rapidly year after year, new challenges arise around keeping data safe and maintaining control over data storage systems. Who owns which files? Whose files take up what volume of enterprise storage? Which files have become obsolete? How many copies of a file exist, and where? Are there any stale files that contain sensitive data? These questions require up-to-date answers to ensure that business, compliance, and data security needs are easily and effectively met.
While auditing the Kubernetes source code, I recently discovered an issue (CVE-2020-8563) in Kubernetes that may cause sensitive data leakage. You would be affected by CVE-2020-8563 if you created a Kubernetes cluster over vSphere, and enabled vSphere as a cloud provider with logging level set to 4 or above. In that case, your vSphere user credentials will be leaked in the cloud-controller-manager’s log.