premium Container Security Guide
ITOps Times Container Security Buyer’s Guide Sections: Moving parts mean more complexity Containing App Vulnerabilities “Doomsday” flaw found in RunC underscores potential for critical container vulnerabilities 9 security best practices for Kubernetes you should be following A guide to container security tools … continue reading
Report: The 10 most popular Docker images contain at least 30 vulnerabilities each
While Docker images may be valuable to application container technology, they come at a security cost. A new report reveals the top 10 most popular Docker images each contain at least 30 vulnerabilities. According to the 2019 State of Open-Source Security report by Snyk, an open-source security platform provider, “Docker images almost always bring known … continue reading
ITOps Times news digest: Akamai’s Enterprise Defender, Apptio acquires Cloudability, and Xnor.ai’s AI2GO
Akamai has launched Enterprise Defender, which will enable organizations to easily transition to more secure architectures that are based on Zero Trust principles. The solution is designed to provide application specific access rather than network access, protect applications from attacks, protect the workforce from malware and phishing, and deliver better user experiences, the company explained. … continue reading
Catchpoint introduces continuous visibility into networks with Internet Intelligence
Catchpoint has announced the release of Internet Intelligence, a new monitoring capability that will give organizations deeper visibility into their networks. According to the monitoring company, the solution continuously monitors network health and paths to clouds, CDNs, or other distributed architectures in order to show how the network is impacting end user experience. It can … continue reading
Google Kubernetes Engine Sandbox mitigates container escape vulnerabilities
Companies running applications that use untrusted code can experience “container escape,” a vulnerability tracked as CVE-2019-5736, that can hijack the shared host operating system and wreak havoc from there. According to the Information Technology Library, runc used in Docker before 18.09.2 and other products, allows attackers to overwrite the host runc binary within a new … continue reading
Alcide Advisor checks for Kubernetes and Istio vulnerabilities
Security company Alcide has announced the release of Alcide Advisor, which is designed to scan Kubernetes and Istio for compliance, security, and government risks and vulnerabilities. According to Alcide, the solution empowers engineering teams to identify security risks before they can be introduced to the production environment. Alcide Advisor also scans throughout various stages of … continue reading
Netwrix report: Nearly half of organizations storing PII in the cloud want it back on-premises
Security is near the top of almost every company’s agenda. So much so, that 46 percent of organizations that store customer personally identifiable information (PII) in the cloud are considering moving back to on-premises due to security concerns, according to this year’s Netwrix report on cloud data security. “The report revealed that organizations are misled … continue reading
AIOps Exchange holds inaugural event to lay the groundwork for AIOps’ future
A majority of companies have implemented or are starting to experiment with AIOps, according to a survey from OpsRamp. Of those, a majority of them have seen success with the AIOps implementations. The AIOps Exchange was launched earlier this month, and tomorrow it is holding its inaugural event in San Francisco. The event will feature … continue reading
Microsoft previews Identity Overlay Network to further decentralized identity systems
In an effort to strike a balance between the security and self-ownership of blockchains and the massive scale needed to create Decentralized Identifier (DID) systems, Microsoft announced a preview of ION (Identity Overlay Network). ION is a public, permission-less, open network that anyone can use to create DIDs and manage their Public Key Infrastructure (PKI) … continue reading
ServiceNow to Acquire Appsee’s In-App Mobile Analytics Platform and R&D Talent
ServiceNow, Forbes’ No. 1 World’s Most Innovative Company in 2018, today announced it has signed an agreement to acquire the in-app mobile analytics platform and R&D talent of Appsee, an Israel-based application analytics platform company. With the acquisition of Appsee’s intellectual property and key Appsee talent, ServiceNow will further its mobile application and web browser … continue reading
StorageOS achieves Red Hat OpenShift Operator Certification
Storage company StorageOS has announced that it has achieved Red Hat OpenShift Operator Certification for its StorageOS Operator. StorageOS Operator enable one-click installation and management of the StorageOS storage solution. By having Red Hat OpenShift Operator Certification, the company will be able to provide enhanced Day 1 and Day 2 management. “StorageOS offers customers a … continue reading
F5 completes acquisition of NGINX
Just two months after F5 Networks announced its intent to acquire NGINX, the deal has been closed. NGINX will now operate as its own business unit within F5. “Watching the NGINX and F5 teams planning our joint future proved to me that NGINX has found a great home. While there will always be different approaches … continue reading
ITOps Times Open-Source Project of the Week: Linkerd
This week’s highlighted open-source project, Linkerd is a service mesh for Kubernetes and other frameworks. It offers runtime debugging, observability, reliability and security without requiring changes to code. Linkerd works by installing a set of ultralight, transparent proxies next to each service instance. The transparent proxies act as highly instrumented out-of-process network stacks, sending telemetry … continue reading
SAP partners with hyperscalers to move more companies to the cloud
SAP is teaming up with cloud providers Amazon, Microsoft and Google as well as global strategic service partners to walk companies through their transition to cloud-based business innovation. The project called Embrace will tailor the core components to each company based on the language and context of their industry. This includes roadmapping the platform, software, … continue reading
