Operations | Monitoring | ITSM | DevOps | Cloud

The latest News and Information on CyberSecurity for Applications, Services and Infrastructure, and related technologies.

Applying policy as code in the modern cloud-ready enterprise: Graeme Hay, Morgan Stanley

Join us as we look at the advantages, but also the practical challenges, of applying modern, policy-as-code ("PaC") approaches in a modern cloud-ready enterprise. This talk will show how Morgan Stanley is drawing upon years of experience in its own proprietary implementation of PaC in its approach to embracing today's ideas. We will look at a diverse set of considerations from GitOps as a method to applying PaC in modern software development and deployment to enforcement of best practices and compliance in the Cloud.

2021 Building an SDWAN Requirements Document and Vendor Selection

This video discusses defining key requirements (business, technical, operational, and security) in order to decide whether SD-WAN can deliver benefits to your organization. SD-WAN vendor consolidation and classification are also discussed. The requirements document should be fundamental to your SD-WAN vendor selection process. #TeneoGrp

The Crossroad of Security & Observability in Kubernetes: A Fireside Chat

Security as an afterthought is no longer an option and must be deeply embedded in the design and implementation of the products that will be running in the cloud. It is increasingly more critical for many security teams to be almost, if not equally, knowledgeable of the emerging and rapidly evolving technology. Join Manish Sampat from Tigera, as explores the topic in detail with Stan Lee from Paypal.

Ensuring adequate security, observability, & compliance for cloud native applications

Containers, Microservices, and cloud-based applications have revolutionized the way companies build and deliver products globally. This has also changed the attack surface and requires very different security strategies and tools to avoid exposure to sensitive information and other cyber attacks. Regulatory compliance has also evolved making it ever so important for companies to adapt to this new paradigm.

How to rightsize the Kubernetes resource limits

Kubernetes resource limits are always a tricky setting to tweak, since you have to find the sweet spot between having the limits too tight or too loose. In this article, which is a continuation of the Kubernetes capacity planning series, you’ll learn how to set the right Kubernetes resource limits: from detecting the containers without any limit, to finding the right Kubernetes resource limits you should set in your cluster.

Enabling You to Get the Best from AWS: Introducing the New Calico AWS Expert Certification

Calico is the industry standard for Kubernetes networking and security. It offers a proven platform for your workloads across a huge range of environments, including cloud, hybrid, and on-premises. Given this incredibly wide support, why did we decide to create a course specifically about AWS?

Wall Street Journal Predicts Dire Cybersecurity Days Ahead, Endorses Zero Trust

Let’s be honest for a second. This is a corporate blog. Yes, we aim to provide our readers with actionable, educational information. And, yes, we strive for complete transparency. But, at the end of the day, we understand if you’re skeptical of some of what’s written here. We’re a business, not a news publication, and it’s impossible for us to be completely unbiased all the time.

Detecting Password Spraying Attacks: Threat Research Release May 2021

The Splunk Threat Research team recently developed a new analytic story to help security operations center (SOC) analysts detect adversaries executing password spraying attacks against Active Directory environments. In this blog, we’ll walk you through this analytic story, demonstrate how we can simulate these attacks using PurpleSharp, collect and analyze the Windows event logs, and highlight a few detections from the May 2021 releases.

Digital Data Loggers vs. Chart Recorders. When To Upgrade

A digital data logger is an electronic device that measures and records various environmental conditions. These conditions can be temperature, humidity, pressure, voltage, or current. Measuring them is essential in many industries where compliance regulations exist. A chart recorder is essentially an old-school version of the digital data logger. Instead of using a microprocessor for storage, a chart recorder marks the measurements on a paper chart that shows variations in the values recorded at a glance. In this article, we will take a closer look at each and compare the two.

Automated Falco rule tuning

We recently released the automated Falco rule tuning feature in Sysdig Secure. Out-of-the-box security rules are a double-edged sword. On one side, they allow you to get started right away. On the other, it can take many working hours to learn the technology, configuration, and syntax to be able to customize the rules to fit your applications. Falco’s default security rules are no different.