Cloudsmith accepted to The Northern Ireland Cyber Security Cluster - companies developing world-leading cybersecurity technologies.

Kubernetes security tools … there are so freaking many of them; with different purposes, scopes and licenses. That’s why we decided to create this Kubernetes security tools list, including open source projects and commercial platforms from different vendors, to help you choose the ones that look more interesting to you and guide you in the right direction depending on your Kubernetes security needs.

A recent CNCF-sponsored Kubernetes security audit uncovered CVE-2019-11246, a high-severity vulnerability affecting the command-line kubectl tool. If exploited, it could lead to a directory traversal, allowing a malicious container to replace or create files on a user’s workstation. This vulnerability stemmed from an incomplete fix of a previously disclosed vulnerability (CVE-2019-1002101). Are you vulnerable?

We are very excited to announce Calico v3.8. Here are some highlights from the release. You can now view IP address usage for each IP pool using calicoctl. This allows you to more easily manage the IP space in your cluster, providing a simple way to see which IP pools have addresses available and which are running low. See the calicoctl reference documentation for more detailed information on how to use this feature.

On AWS, your workloads will be as secure as you make them. The Shared Responsibility Model in which AWS operates ensures the security of the cloud, but what’s in the cloud needs to be secured by the user. This means that as a DevSecOps professional, you need to be proactive about securing your workloads in the Amazon cloud. Achieving the optimal level of security in a multi-cloud environment requires centralized, automated solutions.

In the previous post, we discussed the various environments that Log360 helps you audit and secure. Having established the ease of Log360’s use and the breadth of its auditing scope, now we’ll examine some of the critical areas it can help you monitor. With over 1,000 predefined reports and alerts for several crucial types of network activity, Log360 provides comprehensive network auditing.

Read the latest news on Magecart attacks! We’ve trawled the web for the latest news of data breaches, including updates on previous attacks. Now featuring insider insights from our own Security Researcher! Latest attacks: New! Major Attack on US Medical Debt Collection company American Medical Collection Agency (AMCA). Their payment portal was compromised for 8 months from August 1st, 2018 to March 30th, 2019.

Five worthy reads is a regular column on five noteworthy items we’ve discovered while researching trending and timeless topics. This week, we discuss the state of cybersecurity in the education sector. Making up more than 6 percent of the gross world product, the global education sector has been growing at a 4.5 percent compound annual growth rate (CAGR) and is forecasted to be worth $10 trillion by 2030.

In the previous post of this series, we looked at how easy it is to get Log360 up and running due to its various deployment features and easy-to-use UI. Today, we’ll dive into the solution’s wide range of support for event sources across multiple environments. Servers and workstations. With Log360, you can easily go deep into the events occurring on all Windows, Unix/Linux, and IBM servers and workstations in your network.

Today we are very proud and happy to launch our latest non-supported release, CFEngine 3.14.0. 3.14 is a great number, being the closest we will get to PI, we also wanted to introduce something very special this time around, and we did!