Higher encryption adoption driven by rising data breach threats

Security and IT professionals in the Middle East are demonstrating a rising desire to secure critical applications and data, driving higher encryption adoption for newer use cases like containers and IoT platforms, as well as for email and private clou… Continue reading Higher encryption adoption driven by rising data breach threats

Kali Linux team releases Kaboxer, a tool for managing applications in containers

The team behind the popular pentesting Kali Linux distro has released Kaboxer, a tool to help penetration testers use older applications that don’t work on modern operating systems, apps that need to run in isolation, and applications that are ha… Continue reading Kali Linux team releases Kaboxer, a tool for managing applications in containers

Label standard and best practices for Kubernetes security

This article talks about label standard and best practices for Kubernetes security, a common area where I see organizations struggle to define the set of labels required to meet their security requirements. My advice is to always start with a hierarchi… Continue reading Label standard and best practices for Kubernetes security

Styra, the startup behind Open Policy Agent, nabs $40M to expand its cloud-native authorization tools

As cloud-native apps continue to become increasingly central to how organizations operate, a startup founded by the creators of a popular open-source tool to manage authorization for cloud-native application environments is announcing some funding to expand its efforts at commercializing the opportunity. Styra, the startup behind Open Policy Agent, has picked up $40 million in […] Continue reading Styra, the startup behind Open Policy Agent, nabs $40M to expand its cloud-native authorization tools

Kubernetes adoption continues to grow

Portworx released findings from its survey which assesses the mass adoption and evolution of Kubernetes usage among enterprise users in the last 12 months, in addition to the impact of the pandemic on IT users’ attitudes towards their jobs. The finding… Continue reading Kubernetes adoption continues to grow

Kubestriker: A security auditing tool for Kubernetes clusters

Kubestriker is an open-source, platform-agnostic tool for identifying security misconfigurations in Kubernetes clusters. It performs a variety of checks on a range of services and open ports on the Kubernetes platform, helps safeguard against potential… Continue reading Kubestriker: A security auditing tool for Kubernetes clusters

MITRE ATT&CK v9 is out and includes ATT&CK for Containers

The Mitre Corporation has released the ninth version of its ATT&CK knowledge base of adversary tactics and techniques, which now also includes a newly created ATT&CK matrix for containers. Source: MITRE MITRE ATT&CK v9 ATT&CK covers… Continue reading MITRE ATT&CK v9 is out and includes ATT&CK for Containers

Managing and maturing Kubernetes security in the enterprise

The TL;DR version of the Infoworld article went something like this: “Companies are shying away from managing their own Kubernetes clusters and more and more, turning to managed Kubernetes solutions” – and I was not surprised. Kubernetes: Complex and e… Continue reading Managing and maturing Kubernetes security in the enterprise

3 Best Practices for Building Secure Container Images

Organizations are increasingly turning to containers to fuel their digital transformations. According to BMC, a 2019 survey found that more than 87% of respondents were running containers—up from 55% just two years earlier. Additionally, 90% of survey … Continue reading 3 Best Practices for Building Secure Container Images

A Security Vulnerability Management Guide

Living in a container-native world is not easy. Containers have a reputation for being a point of entry for security vulnerabilities for many organizations. In 2015, according to a research paper, over 40% of Docker images distributed through Docker H… Continue reading A Security Vulnerability Management Guide