Topic: security

premium Container Security Guide

ITOps Times Container Security Buyer’s Guide Sections: Moving parts mean more complexity Containing App Vulnerabilities “Doomsday” flaw found in RunC underscores potential for critical container vulnerabilities 9 security best practices for Kubernetes you should be following A guide to container security tools … continue reading

Report: The 10 most popular Docker images contain at least 30 vulnerabilities each

While Docker images may be valuable to application container technology, they come at a security cost. A new report reveals the top 10 most popular Docker images each contain at least 30 vulnerabilities. According to the 2019 State of Open-Source Security report by Snyk, an open-source security platform provider, “Docker images almost always bring known … continue reading

Google Kubernetes Engine Sandbox mitigates container escape vulnerabilities

Companies running applications that use untrusted code can experience “container escape,” a vulnerability tracked as CVE-2019-5736, that can hijack the shared host operating system and wreak havoc from there. According to the Information Technology Library, runc used in Docker before 18.09.2 and other products, allows attackers to overwrite the host runc binary within a new … continue reading

Alcide Advisor checks for Kubernetes and Istio vulnerabilities

Security company Alcide has announced the release of Alcide Advisor, which is designed to scan Kubernetes and Istio for compliance, security, and government risks and vulnerabilities. According to Alcide, the solution empowers engineering teams to identify security risks before they can be introduced to the production environment. Alcide Advisor also scans throughout various stages of … continue reading

Netwrix report: Nearly half of organizations storing PII in the cloud want it back on-premises

Security is near the top of almost every company’s agenda. So much so, that 46 percent of organizations that store customer personally identifiable information (PII) in the cloud are considering moving back to on-premises due to security concerns, according to this year’s Netwrix report on cloud data security. “The report revealed that organizations are misled … continue reading

Curtail raises $3.25 million in funding

Today Curtail, Inc. announced it has raised $3.25 million in funding, led by Tarus Capital along with other investors. The funding will be used to build the company, particularly the engineering, sales and marketing teams and initiatives. Curtail is changing how IT is implemented for government agencies, financial institutions, service providers and enterprise organizations that are … continue reading

Armis raises $65 million for IoT endpoint security

IoT security company Armis has raised $65 million in Series C funding, which brings the company’s funding to-date to $112 million. According to Armis, IoT devices present an expanded attack surface, and there have been recent reports of global companies being affected by ransomware attacks carried out through insecure IoT devices. IoT devices typically don’t … continue reading

Veeam relaunches free-to-use VM backup offering

Users can backup and replicate up to 10 of their VMware, Hyper-V and AHV virtual machines for free with the release of Veeam Backup and Replication Community Edition. The company says that the new offering replaces the now-cancelled Veeam Backup Free Edition and opens up new capabilities to free users. The company wrote in a … continue reading

Microsoft prepares for Hannover Messe with Azure IoT integrations for manufacturing

In the lead-up to the Hannover Messe 2019 industrial technology event next week, Microsoft released updates for many of its industry-focused products and services, all aimed at providing businesses with a path towards “Industry 4.0.” The paradigm would see artificial intelligence, mixed reality and automation leveraged to achieve “intelligent manufacturing,” the company explained in a … continue reading

Report: Careless end users are an organization’s biggest security threat

IT operations teams are focusing their efforts on securing their networks and applications from outside threats, but the greatest threat to an organization may be its own users. A recent survey of 500 IT professionals from BetterCloud revealed that 91 percent of IT professionals feel vulnerable to insider threats. According to the survey, 62 percent … continue reading

Untangle tackles security orchestration with Network Security Framework

Network security company Untangle wants to provide better security orchestration across the enterprise and bring security capabilities at the network edge with a new solution for covering digital attack services. The company introduced its Network Security Framework at the RSA Conference in San Francisco this week designed to protect, monitor and control all devices, apps … continue reading

PagerDuty brings security closer to operations

PagerDuty wants to unify the security operations among developers, operations and security teams. The company announced PagerDuty for Security Operations with new and existing security integrations across the company’s ecosystem. “With PagerDuty for Security Operations, we now bring security professionals into the fold to operate in a unified platform to engage in real-time security response,” … continue reading

Get access to this and other exclusive articles for FREE!

There's no charge and it only takes a few seconds.

Sign up now!