Operations | Monitoring | ITSM | DevOps | Cloud

In this blog post we are going to cover how to perform Docker image scanning on the Gitlab CI/CD platform using Sysdig Secure. Container images that don’t meet the security policies that you define within Sysdig Secure will be stopped, breaking the build pipeline before being pushed to your production Docker registry.

As discussed in our blog post [What is User Activity Monitoring?], user activity monitoring (UAM) is a form of surveillance that provides visibility and insight into employee productivity and engagement while also revealing insider security threats. While UAM on company-owned or company-sanctioned devices and networks is legal, ethical and HR considerations require that UAM be implemented with a high level of professionalism and sensitivity.

User Activity Monitoring (UAM) tracks the behavior of internal end-users—employees, subcontractors, partners, and so on—on a company’s networks, devices, and other IT resources. UAM, sometimes also called employee monitoring, may be deployed for a number of reasons, such as providing insight into the productivity of both individual employees and the company as a whole. Is Employee X spending too much time browsing the internet for non-business purposes during work time?

Enterprises are increasingly adopting a cloud-first approach and migrating their workloads, data and applications to the Cloud. Amazon Web Services continues to lead the Public Cloud industry with more than 30% of the market. As digital transformation progresses and the digital space expands, so does the attack surface that exposes the ongoing proliferation of security risks. In today’s cloud-first world, security remains the primary concern.

Many individuals feel accomplished after owning a business website; so much so that they even forget to set up security defenses around it. On the other hand, most of the people deliberately skip this step because why would hackers hack small-scale business models, right? You would be surprised to learn that 43% of hackers target small businesses. Besides, 60% of small-scale companies go out of business within six months of a cyberattack.

Signal Sciences is proud to announce our integration with the Datadog platform. This integration furthers our mission of producing the leading application security offering that empowers operations and development teams to proactively see and respond to web attacks—wherever and however they deploy their apps, APIs, and microservices.

There’s no need to look outside the Elastic Stack for apps to ensure data protection. Basic Elasticsearch Security features are free and include a lot of functionality to help you prevent unauthorized access, preserve data integrity by encrypting communication between nodes, and maintain an audit trail on who did what to your stack and with the data it stores. From authentication to encryption and backup, Elasticsearch security covers everything that’s needed to safeguard your cluster.

From online banking, insuring cars, and shopping, we are almost totally reliant upon the internet to complete daily tasks and make our lives easier. However, as technological advancements give us greater convenience, increase productivity, and provide greater access to whole new swathes of entertainment, consumers and businesses alike leave themselves at risk of cyberattacks against which robust defenses must be in place.

DevOps, security, and SOC teams find themselves constantly facing new cyber threats, ever-evolving attackers, and innovative attack vectors. Their challenges range from protecting employees’ mobile devices to preventing malicious parties from accessing an organization’s financial data or customers’ personal information.

There’s a new shapeshifting strain of Android malware in the mix. It replaces legitimate apps with compromised ones and is imaginatively named Agent Smith after the iconic villain in The Matrix. Yet another malware attack targeting Android—so what’s the big deal? Agent Smith is similar to other malware campaigns such as Gooligan, HummingBad, and CopyCat with respect to the destruction it can cause via fraudulent ads.