The goal isn’t to stack up a variety of security solutions that add complexity and expense. It’s about prioritizing the right tools for the environment and using them in smarter ways. Endpoint detection and response (EDR) and cloud detection and response (CDR) are two similar-sounding solutions with different targets. Add extended detection and response (XDR) […]

Docker came onto the container scene to simplify container deployments. But today, there are growing numbers of alternatives, each emerging with its own niche advantages. So, whether teams seek flexible architecture, broader tool integration, or more granular access controls, it’s worth knowing the world beyond this popular containerization platform.  What is Docker?  First, Docker is […]

Incident response (IR) templates make it simple to customize your response plan. As such, they’re important foundational documents in a digital forensics and incident response initiative. They’re also easier to choose and customize than you might think. We’re offering a few customizable examples to get you started. What is an Incident Response Plan (IRP)? An […]

In a cloud-native ecosystem without perimeter walls to keep out threats, identity and access management (IAM) is a foundational brick in a more distributed “wall” that protects critical systems, applications, and data. While the basics of IAM — from password policies to user provisioning — are well understood, teams still wonder about deeper issues: how […]

The number of vulnerabilities is only increasing. In the past five years, the number of reported vulnerabilities of all severities has increased more than 126% according to the National Vulnerability Database, as more vulnerabilities get added to the task lists of teams every day. Given the scale of reported vulnerabilities, security teams can’t patch every […]

To what extent do organizations need fine-grained access control? Or is broader coverage over cloud infrastructure a bigger immediate risk to manage? Which aligns better with GDPR? SOC 2? To counter immediate risk? And is combining these cloud tools just a path to duplicate coverage? Those are all good questions that point to the reality […]

Kubernetes is a multi-layered environment. Highly dynamic clusters can be spun up and taken down quickly, making it difficult to track potential threats in real time. But Kubernetes doesn’t exist in a vacuum — it orchestrates containers that run on a complex infrastructure, where misconfigurations, Identity and Access Management (IAM), and network security all come […]

Extended Berkeley Packet Filter (eBPF) isn’t an agent. And it doesn’t exactly function like one, either. What is it? What does it do, and what security gaps does it close that agents can’t? What about performance? We’re breaking down what eBPF security includes, but then going deeper into visibility tradeoffs, operational overhead, and compliance concerns […]

It’s a challenge to stay on top of the proliferation of cloud security standards and frameworks today. In this article, we’ll cover the crucial foundations of cloud security standards, like what they are, how they differ, and what benefits and drawbacks you’ll encounter when adopting any framework. We’ll also dig deeper into the challenges that […]

When the non-profit MITRE organization began compiling its compendium knowledge base called ATT&CK (Adversarial Tactics, Techniques, & Common Knowledge, pronounced ‘attack’) in 2013, it made cyber security attacks and vocabulary accessible free to government, enterprises, and the public looking to understand known behaviors — from the standpoint of adversarial behaviors. In this article we will […]