Containerization introduces new processes that move code through the software development pipeline at an accelerated pace and with greater flexibility (or, less oversight).
This eBook explains how DevSecOps can deliver context-aware security while automating the entire image-to-production process, allowing...
A critical part of any security infrastructure is providing the capacity to secure containerized applications across any platform, orchestrator, or cloud.
This Container Security Guide provides visual, easy-to-digest diagrams that show how to:
Ensure images are free from known vulnerabilities, secrets and...
The annual Infosecurity Europe conference this year returned to London. Here are visual highlights from the event, which featured over 240 sessions and more than 400 exhibitors, 19,500 attendees and keynotes covering data breaches, darknets, new regulations and more.
Yet another warning has been issued about the BlueKeep vulnerability in older versions of Microsoft Windows. The latest comes from the Department of Homeland Security, which tested a remote code execution exploit.
Medical device vendor Becton Dickinson and U.S. federal regulators have issued security alerts about vulnerabilities that potentially put certain infusion pump products from the manufacturer at risk for remote hacker attacks.
Read the Q1 2019 Quarterly Threat Report to learn what targeted businesses in January, February and March 2019 and to find out what strategies you can implement to protect your organization.
Key report findings include:
8% of externally-facing IT assets are susceptible of being exploited by a high or critical...
When it comes to drivers for implementing and maintaining privileged access management programs, Wallix's Grant Burst says that demonstrating compliance and safety remain top priorities. Another driver, he says, is the sheer interconnectedness of devices - driven by the rise of IoT.
After a two-year absence, the FIN8 hacking group has returned with a new campaign targeting POS machines in the hotel industry with malware in an effort to steal credit card information and other data, according to new research.
The White House budget chief is seeking to delay a ban on the U.S. government using products manufactured by Huawei. In a letter to Vice President Mike Pence, Russell T. Vought, the acting director of the Office of Management and Budget, says organizations need more time to switch suppliers.
A month after Baltimore's IT network was hit with the RobbinHood ransomware variant, officials believe the May 7 attack will cost $18 million, which includes recovering and restoring computer systems as well as lost municipal revenue.
Tech Data says it has disabled a logging server used for its StreamOne cloud services marketplace after a data exposure. Tech Data differs with researchers over the sensitivity over what was exposed, but the logging server is offline now.
A security researcher has posted a demonstration showing how an attacker could exploit the BlueKeep vulnerability to take over a Windows device in a matter of seconds. Meanwhile, the NSA has joined Microsoft in urging users to patch devices before an attacker takes advantage of this vulnerability.
Organizations and their applications are under attack from automated bots and bad actors. And many of these attacks are undetectable by conventional security technologies. How can organizations detect and prevent this activity? Carl Gustas of Cequence Security shares insights.
One of the most famous security breaches in recent memory, the hack of the US Democratic National Convention email server, was conducted via fileless attack. The hack was comprised of targeted emails from seemingly legitimate sources that contained links to infected web pages, which subsequently allowed hackers to...