Comprehensive Guide to Threat Modeling: Enhancing Security in the Digital Age

Comprehensive Guide to Threat Modeling: Enhancing Security in the Digital Age

|
In today's digital landscape, cybersecurity is a top concern for businesses and individuals. As technology evolves, so do the threats that can compromise the security of our systems and data. To address these challenges proactively, organizations employ various strategies, and one of the most effective approaches is threat ... Read More
How to go about building a SAST plan for your company?

How to go about building a SAST plan for your company?

|
SAST, you said?And what's the difference between SBOM?SAST stands for Static Application Security Testing, and it refers to the process of analyzing the source code of an application to identify potential security vulnerabilities before it is compiled and executed. SAST tools use techniques such as data ... Read More
How to setup Multi Factor Authentication (MFA) devices in AWS?

How to setup Multi Factor Authentication (MFA) devices in AWS?

|
Multi-factor Authentication (MFA), Why do I need it?The most common way used to secure any account (or application) is using a password and username or email. This method of login provides only a single layer of security. And the credentials can be compromised by using methods like brute force ... Read More
Creating CNAME for Google Cloud Functions

Creating CNAME for Google Cloud Functions

|
In this blog, we will create a CNAME for our cloud functions with path matches. The problem with cloud functions is that they use long URLs. We will be using the load balancer method to create a CNAME. We will create three path matches for three separate cloud functions.Firstly ... Read More
Creating CNAME for Google Cloud Run Service Functions

Creating CNAME for Google Cloud Run Service Functions

|
In this blog, we will create a CNAME for our cloudrun service function with path matchers. We will be using the load balancer method to create a CNAME. We will create three path matchers for three separate cloudrun services. How to create a CNAME for Google cloud run service functions ... Read More
Using eBPF to Enhance Monitoring and Observability

Using eBPF to Enhance Monitoring and Observability

| | eBPF
By Nate Matherson, Co-founder & CEO of ContainIQ The ability to inject code into Linux kernels opens up a whole new world of possibilities. There is so much that you can improve easily—security, network, observability, and more. BPF (Berkeley Packet Filter) enables you to write programs that can ... Read More
What is Dirty Pipe Vulnerability and it’s impact on Containers?

What is Dirty Pipe Vulnerability and it’s impact on Containers?

|
Disclosure A new Critical Linux vulnerability was disclosed to the public on 7th March by Max Kellermann. It’s tracked as CVE-2022-0847 and has a severity score of 7.8 (HIGH). This Dirty Pipe Vulnerability is similar to the Dirty Cow Vulnerability, recorded as CVE-2016-5195. But, is much easier ... Read More
Why do we need continuous audits for public cloud?

Why do we need continuous audits for public cloud?

|
Introduction to Continuous audits for public cloud Businesses have lost track of crucial control measures needed for their cloud infrastructure due to the rapid adoption of cloud computing, AWS, Azure, and Google cloud services are now more popular than ever due to the pace of innovation and customer expectations from ... Read More
CVE-2022–0185: What is it, how to identify, and it’s impact on Kubernetes Workloads

CVE-2022–0185: What is it, how to identify, and it’s impact on Kubernetes Workloads

Discovery of CVE-2022-0185 Vulnerability Last week, researchers Jamie Hill-Daniel and William Liu discovered & disclosed a vulnerability in Linux Kernel. It’s assigned a CVE ID of CVE-2022-0185. And is rated as High Severity. This got introduced to Linux Kernel as part of version 5.1-rc1 in March 2019, ... Read More
Big Mistakes in Cyber security | Cloud | Mel Reyes | Ep.10 | ScaletoZero podcast | Cloudanix

As A Cloud User, Should I Be Worried About Cloud Compliance?

| | Compliance
Introduction How about we start by understanding “What Cloud is” and then move to “Cloud Compliance”? Servers that are accessible over the Internet, as well as the software and databases that run on them, are known as “the cloud.” Cloud computing has transformed the ... Read More