Topic: security
No one is cyber-secure in a cyberwar
The potential for cyberattacks has placed many organizations beyond Ukraine on high alert for any threats, and has left them wondering what they can do to bolster their security posture. “Unlike traditional warfare, which generally only has impacts in and around a specific conflict zone, cyberattacks can have far-reaching impacts beyond the initial target that … continue reading
Cloudflare, CrowdStrike, and Ping Identity launch Critical Infrastructure Defense Project
Cloudflare, CrowdStrike, and Ping Identity partnered up to strengthen U.S. cybersecurity in light of increased cyber threats. The new Critical Infrastructure Defense Project will provide free cybersecurity services to vulnerable industries. Eligible organizations will have access to the full suite of Cloudflare Zero Trust solutions, endpoint protection, and intelligence services from CrowdStrike. The project will … continue reading
VMware announces new container runtime security capabilities
VMware unveiled new container runtime security capabilities to provide end-to-end security for cloud-native applications. The new capabilities aim to target the security challenges of containerized applications including how to allow only legitimate traffic in and how to enable least-privileged communications between services and defend against the lateral movement of attackers, according to the company. “Protecting … continue reading
Snyk has acquired Fugue, entering into the cloud security market
The developer security company Snyk recently announced its acquisition of Fugue, a cloud security and compliance company that aims to assist global teams in protecting their cloud environments and help them prioritize innovation. With this, Snyk makes its entrance into the cloud security market, a rapidly growing segment of cybersecurity. Fugue was founded on the … continue reading
ITOps Times Open-Source Project of the Week: ValidKube
ValidKube combines open-source tools to help ensure Kubernetes YAML best practices, hygiene and security. The tool can verify your Kubernetes configuration files through kubeval, remove clutter from your Kubernetes manifests through kubectl-neat, and can scan YAML code for security vulnerabilities with trivy. RELATED CONTENT: Abstracting complexity from Kubernetes breaks down barrier to entry Kubeval uses … continue reading
Aqua Security adds new features for assessing security risk
Cloud-native security company Aqua Security is introducing new features that will help companies address their security risk to its Cloud Native Application Protection Platform (CNAPP). According to Aqua Security, users can choose whether to go with a quick assessment of workload risk, or they can actively protect those workloads from attacks in runtime. They can … continue reading
StarlingX R6.0 released by Wind River
StarlingX, the platform that builds out infrastructure from the core to the edge by providing a scalable foundation with OpenStack, has reached its R6.0 release. The platform can be used to build out an organization’s central cloud and can be installed on the edge to manage a smaller pool of resources. In addition, the platform … continue reading
DoControl announces no-code security workflows for SaaS applications
The automated SaaS security company DoControl announced no-code security workflows that brings Zero Trust into the SaaS data layer. DoControl’s security workflows allow for consistent, granular, and customizable data access controls, which helps to close the gaps found in inflexible hard-coded and out-of-the-box policies. “Security teams are becoming increasingly frustrated with the lack of visibility … continue reading
ThreatMapper 1.2.0 released with new attack path visualizations
Observability company Deepfence launched new ThreatMapper features to provide DevSecOps professionals with new attack path visualizations, most exploitable vulnerabilities calculations, and AWS Fargate support. ThreatMapper finds hidden attack paths by continuously correlating vulnerabilities with network traffic, identifying much harder to find vulnerable services that are further downstream, behind proxies and exposed indirectly to potentially malicious … continue reading
ITOps Times Open-Source Project of the Week: NordVPN’s speed test tool
NordVPN developed a new tool that helps users objectively measure and compare the speed of different VPN services. It allows users to add and compare different VPN services, and provides detailed reporting. “Connection speed is one of the most important factors that affect user experience when they use a VPN. People want to secure their … continue reading
ITOps Times Open-Source Project of the Week: Cloud Hypervisor Project
The Linux Foundation announced that it will host the Cloud Hypervisor project, which delivers a Virtual Machine Monitor (VMM) for modern Cloud workloads. The project is supported by Alibaba, ARM, ByteDance, Intel and Microsoft. The project is written in Rust and focuses on security features such as CPU, memory and device hot plug; support for … continue reading
ITOps Times Open-Source Project of the Week: Trivy
Trivy is an open-source project developed by Aqua Security that scans for vulnerabilities and configuration issues in container images, file systems, and Git repositories. It detects vulnerabilities of operating system packages, such as Alpine, RHEL, and CentOS, and language-specific packages, such as Bundler, Composer, npm, yarn, and more. It can also scan Infrastructure as Code … continue reading
