Compared to on-premises data storage, cloud computing comes with a lot of benefits. On-demand access to company data, flexibility, and fast collaboration are just a few. But along with these advantages come increased security risks. To manage them, companies should invest in regular cloud security assessments.
This week’s news of Cisco’s intent to acquire Isovalent sends an important message to the cloud security ecosystem: network security is no longer an afterthought in the cloud-native world. It’s now a critical component of any robust security posture for cloud-native applications. This move not only validates the work of the Isovalent team in evangelizing this essential category but also underscores the vision Tigera has pioneered since 2016 with Project Calico.
Today, IT networks are the backbone of nearly every business. Simply put, if your network isn’t performing at its best, the flow of data and services will be impeded, and your business operations will suffer. This modern reality makes effective server and network monitoring software not just a technical necessity but a business imperative.
The surge of cloud-native applications has propelled Kubernetes into the forefront, revolutionizing how we manage and deploy workloads. However, this exponential growth has also increased the security challenges, and attack surface, DevOps and Security teams must address. As we discussed in a previous blog post, traditional network security measures fall short when presented with Kubernetes’ dynamic nature, demanding a paradigm shift towards more adaptable solutions.
Like all security tools, firewalls can be hacked. That’s what happened to the social media platform X in January 2023, when it was still Twitter. Hackers exploited an API vulnerability that had been exposed since June the previous year. This gave them access to the platform’s security system and allowed them to leak sensitive information on millions of users. This breach occurred because the organization’s firewalls were not configured to examine API traffic with enough scrutiny.
If security policies aren’t periodically updated to meet modern threat demands, organizations risk introducing vulnerabilities into their IT security posture. Comprehensive audit reports help security leaders gain in-depth visibility into their organization’s cybersecurity strategy and assess the resilience of its network infrastructure.
Whether working at home or in the office, when conducting cybersecurity research, investigating the dark web forums or engaging with any dangerous part of the internet, staying safe is critical. While most researchers use a virtual machine to mitigate risks to the host PC, there is an overlooked and unprotected attack surface: the network. This post will illuminate potential risks and introduce a new solution to keep your network safer without hindering your workflow.
In my previous blog post, What you can’t do with Kubernetes network policies (unless you use Calico): Policies to all namespaces or pods, I talked about this use case from the list of nine things you cannot implement using basic Kubernetes network policy — policies to all namespaces or pods. In this blog post, we’ll be focusing on the next use case — advanced policy querying and reachability tooling.
