Collaborate Disseminate
During RSA Conference 2018, Aqua Security surveyed 80 security professionals to gain their unfiltered, high-level perspective on the fast-emerging discipline of DevSecOps. According to the survey respondents, DevSecOps is quickly gaining support and tr… Continue reading DevSecOps is maturing, 62% of organizations have a team in place
Discover, secure and govern personal data in motion StreamSets Data Protector reduces risk of violations by helping companies meet requirements for GDPR, HIPAA and other compliance regimes. It extends protection to the point of initial data ingestion, … Continue reading New infosec products of the week: March 9, 2018
The migration to container-based application infrastructure is accelerating at a faster pace even than we saw with hypervisor-based infrastructure 18 or so years ago. Hand in hand with this is the race to provide better security solutions that are native to—and purpose-built for—containerized environments. Aqua Security is one such company doing that. It has established..
The post SecBlvd Chats: Aqua Security Seeks to Lock Down Container Security appeared first on Security Boulevard.
Continue reading SecBlvd Chats: Aqua Security Seeks to Lock Down Container Security
Ransomware protection intercepts threats targeting enterprise data FileCloud announced FileCloud Breach Intercept, which offers ransomware protection. FileCloud offers branding and customization tools, allowing you to set your own policies, and design your own emails and alerts. Customized emails and UX reduce spoofing risk as hackers can’t run a mass spoofing unless they have an exact copy of an email from one of your employees. Nfusion 2 provides stronger misattribution environments for online investigation Ntrepid announced … More → Continue reading New infosec products of the week: October 20, 2017
With companies such as Facebook, Netflix and Google heralding the use of containers for their agility, portability, and cost benefits – enterprises are following suit. But the introduction of new processes and changes to infrastructure require a significant shift in focus. To learn the current state of container security in the enterprise, Aqua Security surveyed 512 individuals meeting the criteria of using containers in development or production today, or planning to use them in the … More → Continue reading Enterprise container security: There’s room for improvement
Abuse of the Docker API allows remote code execution on targeted system, which enables hackers to escalate and persists thanks to novel attacks called Host Rebinding Attack and Shadow Containers. Continue reading Attack Uses Docker Containers To Hide, Persist, Plant Malware
We are all aware of the risks introduced by good old third party code. Where would we be without it? Apparently not very far. It is estimated that between 30 to 70 percent of code comes from 3rd party applications. This is why we patch up old libraries and update open source packages. While the risks of 3rd party code are well known, the risks of using 3rd party containers are more obscure. In this … More → Continue reading Keys, tokens and too much trust found in container images
New approach to continuous Docker container security NeuVector’s solution for container security is itself a container. The application automatically learns and whitelists normal behavior to protect environments even as containers scale up and down. Through this built-in continuous application and network intelligence, it provides application layer segmentation that isolates container traffic. Any abnormal connections can then be detected and blocked before causing harm. NeuVector completes its solution with runtime vulnerability scanning across all running containers … More → Continue reading New infosec products of the week: February 3, 2017