Companies migrating to the cloud need to ensure they have a strong security posture and can meet compliance requirements. Along with ensuring compliance, companies also are faced with the challenge of tying together multiple security tools that generate a high volume of event data across disparate interfaces and platforms. To help address this challenge, a new security service was introduced at AWS re:Invent 2018: AWS Security Hub.

In the previous posts of this blog series, we discussed advanced persistent threats and data breaches, highlighting the importance of data security in today’s times. In the final post of this series, we’ll talk about cryptojacking, a type of attack that can severely affect your network’s integrity, and how you can combat it with event correlation.

SIEM and log management provide security to your organization; these tools allow your security analysts to track events such as potential and successful breaches of your system and react accordingly. Usually, it doesn’t matter how you ensure your organizational safety-as long as you do.

With it now being so easy to share information, we have a tendency to over-divulge. We check into public places online, tell the world when we’re going on holiday and where, and send and receive risqué photos. However, when it became public knowledge that the NSA, internet service providers, and trusted social media platforms were able to monitor our private messages, the choice to share or not to share was taken away from us.

Protecting your data, and that of your clients, should be central to all of your business practices. Customers entrust companies with often very sensitive data, and it should be used and stored safely. Cyber security should be a priority in companies of any size, but when you’re a small business without a big security budget, how do you keep yourself protected?

It finally happened. At the start of DockerCon Europe and a week before KubeCon was set to take place in the U.S., researchers discovered the first major vulnerability within Kubernetes, the popular cloud container orchestration system.

Just as we were getting ready to launch our Data Breach Monitor, we heard the unfortunate news that fellow Yorkshire based business Vision Direct had suffered a malware attack, which resulted in the loss of financial data of around 6,600 customers. So we asked ourselves, could we have detected the same attack using our new monitor? The only way to find out was to infect a website and see what would happen…

Over the past four years we’ve helped hundreds of organizations run reliable, secure, and compliant Kubernetes and Openshift clusters. Some of the key themes we’ve seen from organizations that have successfully grown their Kubernetes footprint are: they have immaculate labeling, understand how to leverage internal Kubernetes features to harden their platform, and understand what developers need access to and manage it with RBAC and namespaces.