Microservices security is a growing concern for businesses in the face of increasing cyber threats. With application layer attacks being a leading cause of breaches, it’s more important than ever to safeguard the HTTP-based communication between microservices within a Kubernetes cluster. Traditional web application firewalls (WAFs) are not designed to address this specific challenge, but Calico WAF offers a unique solution.

As cyberattacks and the overall threat landscape grow more complex, managed service providers (MSPs) need to evolve. As an MSP, you must be capable of protecting customers from attacks targeting networks, devices, and users. Finding ways to protect your customers’ expanding threat surface is one thing, but doing so without compromising on operational efficiency or profitability is another. At times this can feel like an insurmountable task.

PCI version 4.0 was released in March 2022, and all organizations that must be compliant with the regulation have a deadline of March 31, 2024 to do so. So, what does the new version say about pen testing? According to Requirement 11 of the Payment Card Industry Data Security Standard (PCI DSS), pen testing is required for organizations and entities that store, process, and/or transmit cardholder data.

In today’s digital landscape, the importance of cyber security cannot be overstated. With the ever-increasing frequency of cyber threats, protecting sensitive data has become a priority for individuals and businesses. In search engine optimization (SEO), cyber security is also important. Google and users are more likely to trust websites that provide measures against common cyber security threats. Therefore, website owners with proper security systems can expect higher Google rankings.

When I started Resurface, my core thesis was that web and API security brought unique requirements requiring purpose-built data systems. Using Splunk at scale for API monitoring was/is prohibitively expensive. Using Hadoop or Kafka requires a nerd army to run at any scale. Few data platforms include a mature web or API monitoring model, so this has to be custom-overlaid at significant expense.

We recently published a blog post detailing how threat actors could leverage AI tools such as ChatGPT to assist in attacks targeting operational technology (OT) and unmanaged devices. In this blog post, we highlight why healthcare organizations should be particularly worried about this.

Today we are launching an evolution of the LimaCharlie brand as part of our refreshed identity. The intention of this post is to simply let you know about the change, so you won’t be surprised when things coming from us look a little different. Similar to our introduction of the SecOps Cloud Platform, this evolution of our logo and brand is not driven by change for the sake of change.

Cyberattacks are on the rise. In 2022, there was a 38 percent increase in global attacks compared to the previous year—and security teams are struggling to keep up. It now takes an average of 277 days for teams to identify and contain a breach. With so many alerts being received by the Security Operations Centers (SOCs) each day, how do teams decide which issues to address first?

The aviation industry relies on a complex web of players and digital systems to fly passengers safely around the world. Billions of data points flow across this vast interconnected ecosystem – from cloud-based ticketing apps and customer experience portals, to third-party vendors and technology systems, to airport ground operations and in-flight aircraft.

Idaho is home to many popular universities that serve millions of students annually. Seven of the schools in Idaho were recently impacted by a data breach that resulted in a substantial amount of lost information. The vulnerable parties state that they're secure now, but a significant amount of data has already been lost to the attackers. Learn more about the stolen data and the schools involved in this attack.