Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Disagreement is one of the defining trends of 2020. However, I think most of us would agree that this year hasn’t turned out to be the kind of year that many of us anticipated when we celebrated on December 31st. Difficulty abounds on many fronts, reducing our ability to operate with precision and excellence. For companies balancing concerns about employee health, adjusting to a new hybrid workforce, and responding to shifting consumer demands, the challenges are many.

Open Policy Agent addresses Kubernetes authorization challenges with a full toolkit for integrating declarative policies into any number of application and infrastructure components. As more and more organizations move containerized applications into production, Kubernetes has become the de facto approach for managing those applications in private, public and hybrid cloud settings.

In this article, you will learn how to add inline image scanning to a Google Cloud Build pipeline using the Sysdig Secure DevOps platform. We will show you how to create a basic workflow to build your container image, scan the image, and push it to a registry. We will also customize scanning policies to stop the build if a high-risk vulnerability is detected.

We are in the midst of an unprecedented convergence of events that are forcing enterprises to dramatically change how they secure their modern businesses. With the acceleration of digital transformation from COVID-19, work-from-home initiatives, the continued growth of SaaS and the increasing adoption of microservices-based applications, the modern enterprise threat landscaping is transforming rapidly.

“The more things change, the more they stay the same.“ In the recent Equinix breach in September 2020, 74 RDP servers were exposed to the Internet. Any publicly exposed ports are a risk but remote access protocols such as RDP have had their share of critical vulnerabilities (e.g., BlueKeep in 2019).

Companies need to establish a secure system to avoid insider threats and other online issues that could destroy a business. There are different online threats that businesses face every day. The most common of which is phishing attacks were the victim accidentally clicks on an unsafe link and log in. Other commonly known threats to businesses are malware, ransomware, weak passwords, and insider threats. Most of these online attacks are due to what is known as insider threats.

Developers face a bevy of roadblocks in their race to meet tight deadlines, which means they often pull from risky open source libraries and prioritize security flaws on the fly. In a recent ESG survey report, Modern Application Development Security, we saw that 54% of organizations push vulnerable code just to meet critical deadlines, and while they plan for remediation on a later release, lingering flaws only add to risky security debt.

Dealing with the aftermath of ransomware attacks is like Russian roulette. Submitting the ransom might seem like it’s the sole option for recovering locked data. But paying the ransom doesn’t mean that your organization will get its affected data back. Let’s not forget that ransomware also continues to evolve as a threat category.

Today, we released a Threat Definition Update bundle for our Tripwire Industrial Visibility solution to aid in the detection of Zerologon. Otherwise known as CVE-2020-1472, Zerologon made news in the summer of 2020 when it received a CVSSv3 score of 10—the most critical rating of severity. Zerologon is a vulnerability that affects the cryptographic authentication mechanism used by the Microsoft Windows Netlogon Remote Protocol (MS-NRPC), a core authentication component of Active Directory.