Containers offer many advantages for management, deployment, and efficient development of applications.  Like any technology, however, they are subject to attack from malicious actors, and require diligent security.  Vulnerabilities can appear in the container images themselves, in the registry where they are stored, or in the orchestration and deployment of the images.  Let’s take a look.

Image Vulnerabilities & Countermeasures

Cybersecurity is the number one priority for state and county CIOs, according to GovTech. Yet supporting that priority is a perpetual challenge. Another survey finds that top of the list of workforce needs for state CIOs is cybersecurity talent.

From veterans to tax payers, contractors to military personnel, the U.S. government is one of the world’s largest harbors of personally identifiable information (PII). Year after year of security breaches has done nothing but destroy public trust in the government’s ability to protect PII about citizens, employees, and contractors.

Earlier this summer, we wrote about how the Department of Defense is eyeing blockchain technology to improve cybersecurity.

Now, Meritalk reveals that the State Department is also seeking the use of blockchain (the technology behind digital currency like Bitcoin) to protect its cyber infrastructure, improve its IT platforms and restructure the agency.

I bet there was a time you loved your security information and event management (SIEM) system. This central location for managing all the security events on your network. But, as good as it may seem, many IT organizations have a love/hate relationship with their SIEM.

The 2017 DefCon conference featured former World Chess Champion Garry Kasparov, who spoke about artificial intelligence, computers, and of course, chess.  After losing a match to a purpose-built computer in 1997, Kasparov realized that the machine, although it had beaten him, was not truly intelligent:  it had simply out-calculated him, by examining over 200 million chess positions per second.  Kasparov soon devised “advanced chess”, in which a strong human player teams up with a computer.   Advanced chess combines the best human qualities of imagination, judgment,

Federal IT pros are facing “Herculean tasks” when it comes to security challenges, a new survey conducted by DLT partner, SolarWinds, reveals.

As government officials begin investigation of the Equifax breach that exposed the sensitive information of 143 million people, what does the breach mean for agencies themselves? After all, the U.S. government stores far more sensitive data than the private sector, and often stores it on older, more vulnerable systems.

When it comes to enhancing their cybersecurity postures, federal agencies have to wade through an entire alphabet soup of regulatory compliance guidelines. From the RMF (Risk Management Framework) to FISMA (Federal Information Security Management Act) and DISA STIGs (Defense Information Systems Agency Security Technical Implantation Guides), there are a number of requirements that agencies must implement to satisfy the government’s definition of a secure environment.

Hackers are ruthless in their persistence and fortitude. It can take weeks or months for them to gather intelligence on your IT vulnerabilities, penetrate your network, and exfiltrate your precious data. But they know, and statistics prove this, that, for the most part, their victims have no idea that their network infrastructure is under attack – until it’s too late.