Docker containers have revolutionized the software industry. Docker images enable developers using Windows machines to work on applications that use Linux dependencies and different libraries. But with such a large attack surface and the risk of hackers successfully exploiting privileged containers, securing Docker containers and images is crucial. Putting containers into production can therefore have… Continue reading Securing Docker – 6 best practices
Vulnerability management programs exist to drive desired business outcomes. Period. In the case of Levi Strauss & Co. the desired business outcome is to sell more of the world’s original jeans. Last week it was my privilege to host a webcast with Steve Zalewski, Levi Strauss & Co. deputy CISO, to discuss what keeps him… Continue reading Creating a mature security scanner to sell more jeans
With all the vulnerability remediation suites and individual tools on the market, it can be hard to determine which features and components are essential, which features are merely “nice to have”, and which are a waste of resources. We’ve sorted through the myriad of products and come up with the following list of eight components… Continue reading Vulnerability Scanning as the First Step to Risk Remediation
Knowing what NOT to do can sometimes be just as helpful as knowing the right thing to do. Oftentimes, CISOs and Vulnerability Managers have plans and practices in place that can actually be making matters worse by focusing on the wrong things. Let’s review some of these mistakes so you can avoid them in your… Continue reading Exploited Vulnerabilities Drive Remediation Urgencies
In its 2018 “Global Risks Report,” the World Economic Forum – a prominent international policy think-tank – ranked cyber threats just below extreme weather events and natural disasters.