Kubernetes has emerged as the de-facto standard for orchestrating containerized applications. While Kubernetes abstracts away many complexities, it also introduces new operational and monitoring challenges. In fact, the latest CNCF survey cites monitoring as one of the biggest challenges in adopting...
Application container technology is revolutionizing app development, bringing previously unimagined flexibility and efficiency to the development process. A good monitoring solution is necessary for dynamic, container-based environments to unify container data with other infrastructure data - only then can you gain...
The ESG Technical Review of DivvyCloud Cloud and Container Security focuses on how DivvyCloud can enable a friction-free strategy for customers to embrace the cloud in their business operations.
ESG explored DivvyCloud's extensible, multi-cloud, software-defined security and governance platform, and how DivvyCloud...
Malware continues to increase in sophistication and
routinely evades organizations' cyber defenses.
Even though the industry has developed various
technologies to bolster detection and response, the
situation persists.
New strategies for combatting advanced malware
must move beyond existing detection approaches...
MITRE ATT&CK (Adversarial Tactics, Techniques & Common Knowledge) has served as a model through which interested parties can learn to identify and map digital intrusions against their existing security technologies allowing them to shore up their gaps and prevent more intrusions on endpoints.
But what about the...
In comparison to the traditional datacenter, more people are able to access, change, and deploy critical resources and services in the cloud. While this can be powerful, it also increases the likelihood of something going awry. We’ve seen cloud security issues in the headlines with alarming regularity. Read about...
Leveraging CSP security controls is essential, and, for some cloud implementations, is sufficient to manage public cloud workload risk. For most enterprises, however, these controls alone are not adequate to address the core aspects of cloud security: audit, visibility, protection, detection, and automation.
Read...
When enterprises evaluate Cloud Security Posture Management (CSPM), automated remediation is frequently the end goal. But hastening initial implementation of remediation introduces a risk of organizational opposition to automation going forward.
Read this guide to learn:
The benefits of automated remediation;
How...
Cloud misconfiguration-induced data breaches cost companies nearly $5 trillion in just two years. DivvyCloud conducted in-depth research on data breaches attributed to cloud misconfigurations, identified factors contributing to the likelihood of such data breaches, and quantified the overall impact on the affected...
An organization that is transitioning to a large cloud provider should immediately consider the secure configuration of cloud services to be a critical element to governing these environments. Importantly, this cannot be a one-time event but must be implemented as a continuous approach.
Read this report to learn how...
The world of ephemeral computing using the cloud, containers, and Kubernetes continues to evolve in ways that are both innovative and challenging. Change happens so fast it's hard for Security and GRC professionals to keep up. Organizations need to take a holistic approach to Kubernetes security and consider both the...
In the increasing landscape of cloud technology, organizations must sort out the IT portion of the M&A process. The high profile nature of cloud, security, and the scope of data that is managed, and as a result, vulnerable to misuse, mismanagement, or exposure is a critical component to get right as part of your...
DevSecOps is often associated with securing a development pipeline in traditional CI/CD frameworks. Join this session, held by Henrik Johansson, Principal - Office of the CISO at AWS, as he discusses and shows:
How public cloud technology enables you to fully embrace security automation in your infrastructure
How...
Containers are becoming more popular, but how do you deal with the security challenges of using containers?
You have to secure the application, the code, the web server and the host itself.
And how do you do this at the speed of DevSecOps?
Join Tim Chase, Director of Information Security at Healthstream, as he...
DevSecOps has taken the world by storm. Ever since the DevSecOps philosophy stepped into the limelight in the past few years, a growing number of organisations are trying to ensure their businesses are set up with the security in mind (and practice) from the get-go.
In theory, the concept is great. In practice?...
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing govinfosecurity.com, you agree to our use of cookies.