In this article, we’ll explore how users can secure Kubernetes by discussing the four essential pillars for secure access to K8s, go over how zero-trust principles can be applied to Kubernetes, and look at best practices to create and maintain end-to-end zero-trust K8s environments across data centers, public clouds, and even the edge.
May 5th is World Password Day. How are you and your teams ensuring the best security practices? Experts share their opinion about the potential for password-less solutions, password management, multi-factor authentication, and the need for stronger cybersecurity education and awareness.
Threat hunting, like all cloud security, is rendered additionally difficult by high volumes of transactions and the high velocity of deployments. Security professionals face constantly evolving landscapes as their company infrastructures change and cloud providers offer new tools. While standard and cloud threat modeling share basic methodologies and joint purposes, there are meaningful differences.
We spoke with Paul Farrington, CPO at Glasswall about Content Disarm and Reconstruction technology, how it is used, and how it helps against file-based threats. Paul gives his advice regarding security measures, file-based threats, and how developers can best achieve top-notch security practices.
It’s no secret that DevSecOps with its speedy delivery and reduction in risk can accelerate the pace of digital transformation. In this article, Michelle Sebek, Senior Product Marketing Manager at Progress discusses the role of DevSecOps in digital transformation and policy-based DevSecOps automation architecture.
In this article, Mike Nelson is the VP of IoT Security at DigiCert, discusses Secure By Design and IoT security after DevOps. The IoT needs to be Secure By Design – it’s an oft-repeated and fundamental best practice for IoT security. However – it’s not enough. Secure By Design is a necessary but insufficient step to reach the goal of a secure IoT.
We spoke with Ax Sharma, Senior Security Researcher & Advocate at Sonatype about recent vulnerabilities: Log4j, and colors.js and faker.js. Are we at a turning point in open source software? What were the impacts and how likely is another similar attack in the future?
Deciding on software updates or migration plans when OSS community long-term support ends and just before going into EOL can be difficult and time-consuming. It is tempting to keep heads down and carry on working with EOL OSS in the hope that nothing will happen, or if it does, it is going to be someone else’s problem.
Safer Internet Day, held annually on 8th February, promotes safer practices and better safeguarding on the internet, covering a broad range of areas such as cyberbullying, cybercrime, and digital identity. Tech leaders at Pluralsight, Venari, Cradlepoint and Grayce weigh in on what businesses need to consider when it comes to online safety.
Effective collaboration is a simple yet effective tool in building resilience to better protect those who rely on cyber professionals to keep them, and their businesses, secure. How though, as we move forward, do we keep this sense of collaboration from waning, and ensure the community continues to share and tap into each other’s best practices to improve solutions and applications?
With many of our interactions being touched by a digital element today, whether at work, while shopping, travelling or booking appointments, enterprises and organisations have become inundated with data. But it’s not always clear what the privacy risk to this might be.
Although outside attacks from bad actors are a real concern, most actually happen from within. Whether intentional or not, they can have lasting, detrimental effects on a business. So, while identity management has never been the star of the show, it’s one of the most important components of a successful security strategy.
Did you know that 34% of data breaches involve internal actors? We spoke with Jared Ablon, HackEDU Founder and President, about security. Jared addresses what you need to do to stay secure while working from home, how hackers use unauthorized access, and more.