Recent news on the discovery of the first Kubernetes vulnerability, the popular cloud container orchestrations system, highlights two things critical to security, the need to: Audit and harden systems on the periphery and inside an infrastructure, and Continually review these…
Tag: access
Will we be able to control data in the wild? (Black Hat 2016)
Guest blog by David Spark, Spark Media Solutions “Once the data is out there, it’s out of their control,” said Elliot Lewis (@elliotdlewis), VP of security, risk, and compliance research at Info-Tech Research Group, in our conversation at the Black…
How microsegmentation helps with applications
Guest post by Matthew Pascucci, Frontline Sentinel One use case for microsegmentation that we haven’t completely touched on in previous posts is the protection of applications within your network. We’ve discussed the use of security as a whole and why…
How microsegmentation helps with compliance
Guest post by Matthew Pascucci, Frontline Sentinel In our last article on microsegmentation, we spoke about the security use-case. The security use-case is the linchpin to all other use cases for microsegmentation. It is the founding case that will spawn…
Why you need microsegmentation
Guest post by Matthew Pascucci, Frontline Sentinel One of the golden rules of security is to use proper segmentation in a network to protect your assets. It’s brought up in compliance standards, security best practices and by almost every security…
How Halo can help with the ImageMagick vulnerability
Last week, a serious vulnerability, CVE-2016-3714, was announced in ImageMagick, software commonly used on websites to manipulate images. The vulnerability was discovered on *NIX-based operating systems. The vulnerability, nicknamed ImageTragick, could potentially allow Remote Code Execution (RCE) if the server…
Why Old FIM Tools Fail In Agile IT Models
File integrity monitoring (or FIM) tools can be an important part of intrusion detection and configuration security. When combined with other tools, FIM gives you vital information about your servers for compliance and security. But too often these tools fall…
U.S. Universities Get “F” For Cybersecurity Education
In recent remarks by Commerce Secretary Penny Pritzker at Montgomery College, she noted that there are an “estimated 210,000 open and unfilled cybersecurity jobs in the United States today.” This is a remarkable statistic, but not all that surprising since most…
Dynamic Computing Gives Security an Opportunity to Become Business Enablers
Richard Stiennon of IT Harvest interviews CloudPassage CTO Amrit Williams In this IT-Harvest interview, CloudPassage CTO and former Gartner analyst Amrit Williams explains to Richard Stiennon how the third IT platform, dynamic computing/cloud computing, is presenting new challenges and opportunities…
Why a Network Appliance-Only Defense is a Costly Failure (RSA 2016)
Guest blog by David Spark, Spark Media Solutions “The less segmentation you have the easier you’re giving the path of least resistance to the malicious hacker,” said Bill Brenner(@billbrenner70), Senior Tech Writer, Akamai Technologies, in our conversation at the 2016…