The latest News and Information on CyberSecurity for Applications, Services and Infrastructure, and related technologies.
Rancher 2.4, the latest release of Rancher’s Kubernetes management platform, includes a new CIS security scanning feature. The Center for Internet Security publishes more than 100 benchmarks for Kubernetes, which are considered the default standard benchmark for defining security of Kubernetes clusters. With Rancher 2.4, CIS scanning is an integrated part of the Rancher UI itself for RKE clusters. If you create or import any RKE cluster via Rancher, CIS Scan will work flawlessly.
While keeping data safe from modern cyberthreats is difficult enough, you also have to keep in mind compliance with common regulations, i.e., ensuring your company’s compliance to SOX, which deals with transparency in disclosures from public companies. Nowadays, it’s not enough for businesses to rely on dismissive financial documents that satisfy the intermittent audit; you need to level up your game, and create detailed day-to-day records of activities.
When we discuss Splunk Phantom with customers here at Splunk, we end up talking about phishing pretty frequently. As discussed in a recent blog post, "Phishing Emails — Don’t Get Reeled In!," phishing is a super common issue that almost everyone deals with ad nauseum. It’s also a nuisance to investigate. The good news is that automation excels at dealing with repetitive, mind-numbing workflows like phishing investigations.
A friend that can’t keep a secret isn’t one you’ll rely on. The same is true for your mission critical CI/CD tool that you have to entrust with credentials for each integrated component. Keeping your secrets safe can be a challenge for CI/CD tools, since they need to connect to such a variety of other services. Each one needs its own password or token that must be kept hidden from prying eyes.