Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Your organization’s attack surface can be a tricky thing to monitor. In our connected world, it seems like your attack surface is always expanding. That’s probably true. Attack surface expansion has exploded, driven by cloud adoption, the use of SaaS (software as a service) tools, and the fact that so many organizations have come to rely on third-party vendors.

We’re pleased to announce that Nightfall has joined Snyk’s Technology Alliance Partner Program (TAPP). Nightfall will sit alongside partners like RedHat, and Hashicorp to provide critical DevSecOps functionality to developers.

Hosting a CI/CD platform on Kubernetes is becoming more common among engineers. This approach saves time through automation, ensures consistent deployments, and makes it easier to monitor and manage microservices. However, building container images in Kubernetes clusters involves some technical hurdles that require workarounds. In this article, we’ll explore some ways to build Docker images in a Kubernetes cluster for CI/CD processes.

Every Kubernetes developer’s favorite time of year is just around the corner, Kubecon EU 2022! Whether you’re attending in person in beautiful Valencia, Spain, or watching the conference from your couch at home, here are a few reasons why — if you operate any Kubernetes infrastructure — you need Teleport.

It’s a tough time for small business owners and their employees. Surging operational costs and supply chain issues are colliding with a rate of inflation that’s limiting how much consumers are willing and able to spend. And as the pandemic continues, there could be more legal and economic hurdles on the way. Startups and other small businesses are fighting to keep their doors open, or to open them in the first place.

It is often stated that security is hard. Whether it is the people, processes, and technology, or any combination of the three, security is a never ending challenge. Conversely, compliance is the opposite. Compliance is relatively straightforward. For too long, and for too many organisations, meeting a compliance standard was seen as a satisfactory way to boast of security. The competing ideologies of security versus compliance have long vexed even the most optimistic cybersecurity professional.

Call me David. As you might have heard, Log4Shell, “the single biggest, most critical vulnerability ever”1 was recently disclosed to the public. You may even have seen us make mention of it here, here, here, or even maybe here. Splunkbase was impacted by way of apps both made by Splunk and third-party developers.