Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

With the Defense Department’s quick and successful pivot to a remote workforce last Spring via its Commercial Virtual Remote (CVR) environment, it proved that the future to fully operate from anywhere in the world is now. Gone are the days of thousands of civilian employees heading into the Pentagon or other installations everyday. However, with this new disparate workforce comes increased risks for network security. As my colleague Bill Wright expertly noted last Summer.

Theresa Lanowitz collaborated on this blog. The proliferation of technology and internet connectivity has made it possible for people to seek out most things online, and gaming and gambling are not exceptions. In addition to online video games, social media, music, and video streaming, there are also online casinos and gambling for real money. Well, for gambling in the USA there are state laws to mind, but in some states online gambling is permitted.

Taking cyber security risk assessment out of the equation, risk assessments are nothing new to the world. Industries such as nuclear, aerospace, oil, agriculture, military and railroad have long-established processes to deal with risk. Continuous risk assessments are performed by food, medical, hospital sectors to control risks affecting their environments.

Encryption is the process of converting plaintext data into an alternative form known as ciphertext. However, only authorised users can decipher the ciphertext back into clear-text to access the information. There are two types of encryption in widespread use, i.e. symmetric and asymmetric encryption. These names symbolise whether the same key can be used for encryption and decryption processes. These two terms: Encryption and cryptography, are often used interchangeably.

Recently I wrote about Infrastructure as Code (IaC) and how Snyk’s IaC scanning can help catch issues in your templates before they make it to provisioning. Our engineering team continues to expand the breadth of our IaC scanning policies to better protect your platforms from vulnerabilities and issues.

In recent years, threat hunting has become much more widely adopted, but today the definition of threat hunting is still quite a controversial topic. Threat hunting is the art of finding the unknown in your environment, going beyond traditional detection technologies, with active cyber defence activity, proactively and iteratively searching through networks to detect and isolate advanced threats that evade existing security solutions.

Image vulnerability scanning is a critical first line of defense for security with containers and Kubernetes. Today, Red Hat recognized Sysdig as a certified Red Hat security partner based on our work to standardize on Red Hat’s published security data with Sysdig Secure.