First Officer’s log, Terrestrial date, 20220926. Officer of the Deck reporting. We have been getting steady mission updates from the team on [REDACTED] and they are making admirable progress. However, it has not been without complications. I may have to put Lieutenant [REDACTED] in for a commendation for her not taking a Phaser to some… Continue reading CVE-2007-4559 revival and more: first officer’s blog – week 18
Cloud-native infrastructures take advantage of all cloud computing has to offer: distributed architecture, scalability, flexibility, and the ability to abstract multiple layers of infrastructure—allowing it to be defined in code. Relying on automation, this code-based configuration approach offers numerous benefits: Easy-to-manage infrastructure Ability to turn features on and off as needed Greater accuracy Improved speed… Continue reading How to integrate risk-based security with your cloud-native infrastructure
Without a Kubernetes cheat sheet, beginners can find it pretty daunting. While it offers a feature-rich, flexible, and extensible platform, the downside is that Kubernetes security can be quite challenging. Any misconfigurations in Kubernetes can potentially expose your application data and allow malicious actors to compromise its services. While there exist several means for protecting… Continue reading Kubernetes for beginners – a step-by-step guide
Only unused applications don’t receive updates. Otherwise, there are always more bugs to resolve, new requirements to address, and the latest software to integrate. Patching is the name that’s been given to the act of improving software. For example, if a bugfix is developed, a new patch on the given application is applied; if a… Continue reading Ease the Patch Management Burden with Kubernetes and Docker
The past couple of weeks have presented many challenges from a security standpoint. There’s a lot of noise around threat actors, phishing campaigns etc., and it might seem hard to differentiate between what’s actually requires attention and what doesn’t.
With the ephemeral nature of containers, you might think that patching is far less critical than it really is. But in fact, as with more traditional systems, patching both the containers and the underlying management systems is just as critical as tending to any other system.
Continuous integration and continuous delivery and/or deployment (CI/CD) has become a staple within the modern software development landscape, and it is now extending into patch management. The importance of your environment’s security cannot be overstated, nor can the difficulty of maintaining that security. The question then becomes: What exactly is CI/CD and how can you… Continue reading Integrate CI Tools with VM for Risk Remediation