Password security is important because passwords are the first line of defense against cybercriminals and their unauthorized access to your personal data. Most people around the world struggle with managing their passwords. A recent Verizon Data Breach Investigation reported over 70% of employees repeat passwords while at work. According to the study, 81% of hacking-related breaches used either stolen or weak passwords.

Authentication as a baseline security control is essential for organizations to know who and what is accessing corporate resources and assets. The Cybersecurity and Infrastructure Security Agency (CISA) states that authentication is the process of verifying that a user’s identity is genuine.

The world is changing rapidly, with organizations facing new cybersecurity challenges all the time, forcing them to continuously update their cybersecurity strategies. This is especially relevant when it comes to events that have a global effect, like the COVID-19 pandemic and Russia's invasion of Ukraine.

If you work in Security or Operations, you are surely familiar with the concept of “alert fatigue.” Alert fatigue Syndrome is the feeling of becoming desensitized to alerts, causing you to potentially ignore or minimize risks and harming your capability to respond adequately to potential security threats.

‍ NIST Special Publication 800-171 (NIST SP 800-171 or NIST 800-171) is a set of security controls within the NIST Cybersecurity Framework that establishes baseline security standards for federal government organizations. NIST SP 800-171 is mandatory for all non-government organizations operating with federal information systems.

Kubernetes Security Posture Management or KSPM refers to the security state and capabilities in place to manage the defense of the Kubernetes clusters and the workloads running on top of it. It tells us how well those capabilities can predict, prevent and respond to cyber threats in relation to Kubernetes. If that definition sounds familiar to you, it is because it is the common definition of Security Posture, but focused on Kubernetes Security.

Cyber VRM is the practice of identifying, assessing, and remediating the cybersecurity risks of third-party vendors. This involves combining objective, quantifiable data sources like security ratings and data leak detection with subjective qualitative data sources like security questionnaires and other security evidence to get a complete view of your third-party vendors’ security posture. A Cyber VRM solution facilitates this practice.

Infrastructure as Code (IaC) is a powerful mechanism to manage your infrastructure, but with great power comes great responsibility. If your IaC files have security problems (for example, a misconfigured permission because of a typo), this will be propagated along your CI/CD pipeline until it is hopefully discovered at runtime, where most of the security issues are scanned or found. What if you can fix potential security issues in your infrastructure at the source?