Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

With each release, Kubernetes introduces new features and enhancements to improve the user experience and address the evolving needs of its users. Today’s release is no exception. This blog post delves into the security enhancements introduced in Kubernetes 1.28, providing insights into their significance and impact.

Most companies will quickly accept the insurance provider's first offer when negotiating cybersecurity insurance policies. Although a relatively new component of the insurance sector, providers have still been conducting cyber assessments and offers for years and are the so-called expert. ‍ However, this way of thinking costs enterprises thousands, if not millions, of dollars a year in deductibles.

A strong vulnerability management program underpins a successful security strategy overall. After all, you can’t defend weak points you don’t know are there. It is predicted that 2023 will see an average of 1,900 critical Common Vulnerabilities and Exposures (CVEs) a month, up 13% from last year. This is due to increased interconnectedness, the addition of more tools, IoT devices and SaaS services, and the increased risk of human error.

A few years ago, I wrote about the importance of security immutability. More specifically, I discussed how important it is that your environment be unchangeable in order to ensure that it remains secure. As I looked back on the article, I found it rather amusing that the article was published 4 years ago, but that feels like a lifetime ago. In the last few years, we really have seen just how volatile the world can be.

The Sysdig Threat Research Team (Sysdig TRT) recently discovered a new Freejacking campaign abusing Google’s Vertex AI platform for cryptomining. Vertex AI is a SaaS, which makes it vulnerable to a number of attacks, such as Freejacking and account takeovers. Freejacking is the act of abusing free services, such as free trials, for financial gain. This freejacking campaign leverages free Coursera courses that provide the attacker with no-cost access to GCP and Vertex AI.

Local WMI querying is straightforward to implement and troubleshoot — but remote WMI querying is another story. Indeed, setting up secure remote WMI querying for a user with no admin rights is a daunting task. This blog can help. I’ll walk you through the steps I used to enable a standard domain user to query the Microsoft SQL Server WMI namespace class on a Windows Server 2012 R2 running Microsoft SQL Server 2016.

Mimikatz is a popular post-exploitation tool that hackers use for lateral movement and privilege escalation. While Mimikatz is quite powerful, it does have some important limitations: As a result, other toolkits have been created to complement Mimikatz. This article explains how three of them — Empire, DeathStar and CrackMapExec — make attacks easier for adversaries.

A typical security operations centre (SOC) has three core costs: People, data and tools. The total cost of these will vary dramatically based on factors like how many endpoints and users are in your environment and the number of SOC team members you need. Various SOC cost calculators available online put the cost of building a SOC for a 1000-user environment at upwards of £2 million per annum.

In July, we released Private Integrations which allow you to connect any app to Vanta, plus 30 new integrations, additional customization for pre-built Vanta content, and more: ‍ ‍ ‍

In this cheat sheet, we will walk you through the different stages of the software development lifecycle and highlight key security considerations and tools that can help you mitigate risks and protect your code.