The latest News and Information on CyberSecurity for Applications, Services and Infrastructure, and related technologies.
We often hear from our customers that to adopt a container and Kubernetes security tool in any mid sized or large organization, separation of duties and least privilege access via RBAC is a must. Admin roles cannot be granted unnecessarily to all teams. If users or groups are routinely granted these elevated privileges, account compromises or mistakes can result in security and compliance violations.
At the start of this month, three U.S. law firms got hit with ransomware attacks. Ivanti security expert Chris Goettl gives us his take on the incident below. First, why are legal firms a good target? To answer that we need to look at what makes an ideal payout scenario for a ransomware attack.
In so many ways, speed is a security analyst’s best friend. From threat detection to containment to response – the faster you are, the more secure your business will be. It’s exactly why metrics like dwell time, MTTD (mean time to detect) and MTTR (mean time to respond) exist. It’s a barometer for the strength of your organization’s security, and a gauge of success for any good security team.
At the end of 2019, we released a new Suricata input plugin with Telegraf 1.13.0. In this blog, I’ll talk about the the powerful combination of these two open source products — the importance of Suricata and why you should use Telegraf to monitor its performance. I wanted to start off first thanking Sascha Steinbiss for submitting this plugin. Here at InfluxData, we can’t tell you how much we value our open source community.
How would you like to be in touch with what’s happening at your doorstep at all times — whether it’s a package delivery, or your loved ones arriving home — no matter where you are? Now think about the folks at Arlo, a leading home automation company, who deliver on this promise for 3.4 million homes in over 100 countries. We hear from Suma about how she uses Arlo to get notified as soon as her kids arrive home from school.
Monitor Kubelet is key when running Kubernetes in production. Kubelet is a very important service inside Kubernetes’ control plane. It’s the component that cares that the containers described by pods are running in the nodes. Kubelet works in a declarative way by receiving PodSpecs and ensuring that the current state matches desired pods.
So, you’ve installed Coralogix’s STA and you would like to start analyzing your traffic and getting valuable insights but you’re not sure that you’re mirroring enough traffic or wondering if you might be mirroring too much data and could be getting more for less. The harsh truth is that in order to be able to detect everything, you have to capture everything and in order to be able to investigate security issues thoroughly, you need to capture every network packet.