Securing Containers in The AWS Cloud with Trend Micro

Rapid adoption of containers is changing the way that businesses build their applications. Services like Amazon ECS, Amazon EKS, and AWS Fargate let builders focus on solving business problems instead of managing infrastructure. But the move to containers also requires a shift in how you approach...

AWS Helping to Unlock Potentially Life-saving Innovation for the Healthcare Sector – While Keeping Sensitive Information Locked Down

Marnie Wilking – CISO, VP Information Assurance, Orion Health Many of the next significant, potentially lifesaving discoveries that will happen in healthcare will be the direct result of big data, machine learning and artificial intelligence. Making the shift to big data, machine learning and...

ThreatList: One-Third of Firms Say Their Container Security Lags

Even as companies move to embrace cloud deployments and containers, most organizations with such deployments don’t feel prepared to adequately secure cloud-native applications. According to StackRox’ State of Container Security report, which polled about 230 respondents in the U.S., more than a...

Critical WordPress Plugin Flaw Grants Admin Access to Any Registered Site User

Another day, another critical WordPress plugin vulnerability. The popular AMP for WP plugin, which helps WordPress sites load faster on mobile browsers, has a privilege-escalation flaw that allows WordPress site users of any level to make administrative changes to a website. The plugin, which has...

Imperva and Amazon Partner to Help Mitigate Risks Associated With Cloud Migration

Helping our customers reduce the risks associated with migrating to the cloud, and preventing availability and security incidents, has been a major development focus for Imperva over the last several years. Why the partnership matters Although cloud service providers take a host of IT management...

Cyber Workforce DevOps: A Way to Close the Cyber Skills Gap

I personally had a great week last week. Trend Micro was very fortunate to participate in and sponsor the National Institute of Standards and Technology NIST, National Initiative for Cybersecurity Education NICE 2018 Conference and Expo and the IBM Cyber Day 4 Girls at Florida International...

Welcome to Qualys Security Conference 2018

The rise of cloud computing coupled with DevOps is forcing enterprises to rewrite their cybersecurity playbook, and part of that book will be written this week at Qualys Security Conference 2018 in Las Vegas. Today, the dual cloud and DevOps mega-trends are helping companies to digitally transfor...

Wallarm now available on Azure

Wallarm is excited to announce the native availability of Wallarm node on Azure. While in the past Wallarm customers in Azure environment had to install Wallarm nodes as dynamic modules manually into their Azure instances with NGINX, the new release allows deployment from a pre-configured image...

New GigaOm Report: Path to DevOps Success

This month Wallarm has partnered with GigaOm to help our DevOps customers better understand the industry landscape and strategies to address the challenges of doing things the agile way. GigaOm’s perspective is that of the unbiased enterprise practitioner. GigaOm works directly with enterprises...

Wallarm joins CNCF to promote Kubernetes security

Wallarm has recently joined the Linux Foundation and its sister organization, Cloud Native Computing Foundation. Wallarm will be contributing its AI/ML security expertise within the LF and CNCF communities to support the sustainability and adoption of open source technologies. Wallarm and its...

Cloud, Containers, Orchestration Big Factors in BSIMM9

As software and applications increasingly head to the cloud, traditional enterprise software security initiatives are getting turned on their head. The push to the cloud, experts say, isn’t just taking applications and services off premises: It’s redefining how DevOps and traditional IT departmen...

2018 Has Been Open Season on Open Source Supply Chains

As the number of open source components used in software supply chains shoot up, hackers are going along for the ride. Increasingly threat actors are planting bad code in open-source repositories in the hopes to harvest the flaws later when used in larger banking, manufacturing and healthcare Dev...

Securing the Convergence of IT with OT

The Industrial Internet of Things IIoT is the leading edge of the convergence of Operational Technology OT with IT. This convergence begins with network connectivity but requires enhancements in operational procedures, technology, and training as well. Beginning with the network, IT and OT use...

Laforge - Security Competition Infrastructure Automation Framework

Laforge enables rapid development of infrastructure for the purpose of information security competitions. Using a simple and intuitive configuration language, Laforge manages a dependency graph and state management and allows for highly productive remote collaboration. The Laforge engine uses a...

Securing Container Deployments with Qualys

With container adoption booming, security teams must protect the applications that DevOps teams create and deploy using this method of OS virtualization. The security must be comprehensive across the entire container lifecycle, and built into the DevOps pipeline in a way that is seamless and...

Static vs Dynamic Data Masking: Why Are We Still Comparing the Two?

Earlier this month a leading analyst released their annual report on the state of Data Masking as a component of the overall Data Security sector; which included commentary on what’s known as ‘static’ data masking and an alternative solution known as ‘dynamic’ data masking. And these two solution...

This Week in Security News: Facebook and Feds

Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. This week, Facebook’s chief security officer resigned as Facebook steps up its cybersecurity efforts. Also, Feds indicted three Ukrainians charged with...

Eager to Boost your Container Security? Don’t Miss this Webcast

DevOps teams can’t get enough of containers -- and for good reason. Faster and more efficient application development and deployment, as well as increased application portability, are some container technology benefits, which in turn help drive digital transformation efforts. Container-based...

Imperva to Acquire DevOps Security Leader Prevoty

Today, we announced that we entered into an agreement to acquire Prevoty, an innovator and leader in building application security that can block attacks and monitor interactions inside application stacks using DevOps and agile development. I’m incredibly excited that the Prevoty team will join...

Need for Speed: Optimizing Data Masking Performance and Providing Secure Data for DevOps Users

Let’s start with a pretty common life experience -- you identify a need e.g., transportation, you evaluate your options e.g., evaluate car manufacturers, various features, pricing, etc., and you decide to purchase e.g., vehicle X. This process repeats itself over and over again regardless of the...