When cloud security breaches happen, teams are inevitably faced with one key question: Whose fault was it? On Amazon Web Services (AWS), the answer depends on how well you understand the platform’s Shared Responsibility Model, a foundational, but often oversimplified, framework that outlines who secures what in the cloud. We’ve already explored how to secure […]

Security testing is a vital component of the software development lifecycle (SDLC), both for organizations that develop software to sell and those that develop for in-house use. Two of the most common security testing methods are static application security testing (SAST) and dynamic application security testing (DAST). But in the head-to-head world of SAST vs DAST, […]

The goal isn’t to stack up a variety of security solutions that add complexity and expense. It’s about prioritizing the right tools for the environment and using them in smarter ways. Endpoint detection and response (EDR) and cloud detection and response (CDR) are two similar-sounding solutions with different targets. Add extended detection and response (XDR) […]

Docker came onto the container scene to simplify container deployments. But today, there are growing numbers of alternatives, each emerging with its own niche advantages. So, whether teams seek flexible architecture, broader tool integration, or more granular access controls, it’s worth knowing the world beyond this popular containerization platform.  What is Docker?  First, Docker is […]

Incident response (IR) templates make it simple to customize your response plan. As such, they’re important foundational documents in a digital forensics and incident response initiative. They’re also easier to choose and customize than you might think. We’re offering a few customizable examples to get you started. What is an Incident Response Plan (IRP)? An […]

In a cloud-native ecosystem without perimeter walls to keep out threats, identity and access management (IAM) is a foundational brick in a more distributed “wall” that protects critical systems, applications, and data. While the basics of IAM — from password policies to user provisioning — are well understood, teams still wonder about deeper issues: how […]

The number of vulnerabilities is only increasing. In the past five years, the number of reported vulnerabilities of all severities has increased more than 126% according to the National Vulnerability Database, as more vulnerabilities get added to the task lists of teams every day. Given the scale of reported vulnerabilities, security teams can’t patch every […]

To what extent do organizations need fine-grained access control? Or is broader coverage over cloud infrastructure a bigger immediate risk to manage? Which aligns better with GDPR? SOC 2? To counter immediate risk? And is combining these cloud tools just a path to duplicate coverage? Those are all good questions that point to the reality […]

Kubernetes is a multi-layered environment. Highly dynamic clusters can be spun up and taken down quickly, making it difficult to track potential threats in real time. But Kubernetes doesn’t exist in a vacuum — it orchestrates containers that run on a complex infrastructure, where misconfigurations, Identity and Access Management (IAM), and network security all come […]

Extended Berkeley Packet Filter (eBPF) isn’t an agent. And it doesn’t exactly function like one, either. What is it? What does it do, and what security gaps does it close that agents can’t? What about performance? We’re breaking down what eBPF security includes, but then going deeper into visibility tradeoffs, operational overhead, and compliance concerns […]