We are thrilled to announce the availability of Calico Enterprise 3.5, which delivers deep observability across the entire Kubernetes stack, from application to networking layers (L3–L7). This release also includes data plane support for Windows and eBPF, in addition to the standard Linux data plane. These new capabilities are designed to automate, simplify and accelerate Kubernetes adoption and deployment. Here are highlights from the release…

Last week we covered the essentials of event logging: Ensuring that all your systems are writing logs about the important events or activities occurring on them. This week we will cover the essentials of centrally collecting these Event Logs on a Window Event Collector (WEC) server, which then forwards all logs to Elastic Security.

The CVE-2021-25735 medium-level vulnerability has been found in Kubernetes kube-apiserver that could bypass a Validating Admission Webhook and allow unauthorised node updates. The kube-apiserver affected are: You are only affected by this vulnerability if both of the following conditions are valid: By exploiting the vulnerability, adversaries could bypass the Validating Admission Webhook checks and allow update actions on Kubernetes nodes.

Today, I am excited to share that we secured $188M in a new funding round, at a valuation of $1.19B (read more here). At the outset, I want to thank our employees, partners, investors and most importantly, our customers for this important milestone. The funding follows a year of unmatched innovation that led to accelerated revenue growth, installed base growth, and rapid community adoption of our open source projects.

Some great new research coming out of the survey data published by 451 Research on Enterprise spending for Information Security. There have been more advanced ways of trying to implement security controls and avoid security issues by integrating security into the development or continuous integration and release pipelines. Despite that, there is still strong interest in using log and event data to manage the security posture of an organization in a SIEM solution.

While PR analysis within Code Insights and Snyk Pipes are available to use right now, we're rolling out a native Security tab in Bitbucket Cloud. This will be a gradual rollout through the month of May so watch out for it in the left nav. We look forward to your feedback. Even small vulnerabilities can cost a team a lot. All too frequently we see news reports of organisations that mishandled their code & build level security, causing customer data to be exposed.

One of the findings of our investigations pointed to a compromised account as a possible cause of the cyberoperation. While I was reading the results, I thought, “That could have been me. In fact, it could have been any of our employees,” and I began asking myself what I as an individual could do to increase the security of the company I’m working for. Let’s face it, most of the risk is produced by us humans and our behavior.

We all like to enjoy untethered freedom, as is shown by the incredible growth of mobile devices we use every day for business and personal activities. We use mobile devices for buying products and services, and banking and investing. We download apps that allow us to connect with our favorite businesses and socially interact with friends and relatives.

Financial crime has become a red-hot topic over the last 12 months, as fraudsters have sought to exploit the monitoring gaps between people, process and technology across an ever-widening attack surface – driven by the growth in usage of remote (digital) channels. Even before its recent growth, the cost of fraud and financial crime was significant.