Topic: security
ITOps Times news digest: Google Cloud acquires Chronicle, Expedient announces advanced DRaaS solution, and Juvare launches collaborative incident management solution
Google Cloud has announced that it is acquiring Chronicle, a security company also created by Alphabet. Google Cloud believes that this partnership will enable it to provide a comprehensive security portfolio that will benefit its customers. Chronicle offers several solutions that will be beneficial to Google Cloud, such as VirusTotal malware intelligence and Backstory investigation … continue reading
ITOps Times news digest: Aqua Security 4.2, Gravitational’s Teleport, and DH2i’s DxConnect
Aqua Security has announced the release of version 4.2 of its platform. This release introduces Vulnerability Shield, which is an automated vulnerability and component analysis tool. Vulnerability Shield can generate policies that will detect and block access to vulnerable components. Aqua 4.2 also includes advanced protection for serverless functions, container image scanning by layer, a … continue reading
ITOps Times news digest: Signal Sciences integrates with Cisco Threat Response, Red Hat Enterprise Linux 7.7 beta, and SentinelOne raises $120 million
Signal Sciences has announced a new integration with Cisco Threat Response in order to better help its customers defend against web app attacks. The integration will give customers instant visibility into their web application attack data, enabling security teams to respond to threats quickly. “In today’s evolving business landscape, we are seeing a dramatic shift … continue reading
Creating effective security with simulation technology
Sophisticated cyberattacks are proliferating globally. Today, with the expansion of the Internet of Things (IoT) and device connectivity, cyberattack targets extend beyond defense and IT to critical infrastructure, aerospace, automotive, healthcare, heavy industry, transportation, and communications—virtually any segment in which there is digital information to steal or misuse, or where there is potential for operational … continue reading
The Container Security Buyers Guide
The ITOps Times Container Security Buyers Guide features: Moving parts mean more complexity Containing App Vulnerabilities “Doomsday” flaw found in RunC underscores potential for critical container vulnerabilities 9 security best practices for Kubernetes you should be following A guide to container security tools … continue reading
Report: The 10 most popular Docker images contain at least 30 vulnerabilities each
While Docker images may be valuable to application container technology, they come at a security cost. A new report reveals the top 10 most popular Docker images each contain at least 30 vulnerabilities. According to the 2019 State of Open-Source Security report by Snyk, an open-source security platform provider, “Docker images almost always bring known … continue reading
Google Kubernetes Engine Sandbox mitigates container escape vulnerabilities
Companies running applications that use untrusted code can experience “container escape,” a vulnerability tracked as CVE-2019-5736, that can hijack the shared host operating system and wreak havoc from there. According to the Information Technology Library, runc used in Docker before 18.09.2 and other products, allows attackers to overwrite the host runc binary within a new … continue reading
Alcide Advisor checks for Kubernetes and Istio vulnerabilities
Security company Alcide has announced the release of Alcide Advisor, which is designed to scan Kubernetes and Istio for compliance, security, and government risks and vulnerabilities. According to Alcide, the solution empowers engineering teams to identify security risks before they can be introduced to the production environment. Alcide Advisor also scans throughout various stages of … continue reading
Netwrix report: Nearly half of organizations storing PII in the cloud want it back on-premises
Security is near the top of almost every company’s agenda. So much so, that 46 percent of organizations that store customer personally identifiable information (PII) in the cloud are considering moving back to on-premises due to security concerns, according to this year’s Netwrix report on cloud data security. “The report revealed that organizations are misled … continue reading
Curtail raises $3.25 million in funding
Today Curtail, Inc. announced it has raised $3.25 million in funding, led by Tarus Capital along with other investors. The funding will be used to build the company, particularly the engineering, sales and marketing teams and initiatives. Curtail is changing how IT is implemented for government agencies, financial institutions, service providers and enterprise organizations that are … continue reading
Armis raises $65 million for IoT endpoint security
IoT security company Armis has raised $65 million in Series C funding, which brings the company’s funding to-date to $112 million. According to Armis, IoT devices present an expanded attack surface, and there have been recent reports of global companies being affected by ransomware attacks carried out through insecure IoT devices. IoT devices typically don’t … continue reading
Veeam relaunches free-to-use VM backup offering
Users can backup and replicate up to 10 of their VMware, Hyper-V and AHV virtual machines for free with the release of Veeam Backup and Replication Community Edition. The company says that the new offering replaces the now-cancelled Veeam Backup Free Edition and opens up new capabilities to free users. The company wrote in a … continue reading
