The Power of eBPF for Cloud Native Systems

By 2025, Gartner estimates that over 95% of new digital workloads will be deployed on cloud-native platforms, up from 30% in 2021. At the same time, Kubernetes is becoming the de facto standard for cross-cloud orchestration and a pillar of cloud native architectures.
A contributing technology that will play a big role in this transition is the extended Berkeley Packet Filter (eBPF). eBPF enables programs to run in the kernel of the host operating system (Linux first, and now also Windows) and to instrument the kernel without changing kernel source code. eBPF programs are portable between kernel versions and atomically updateable, which avoids workload disruption and node reboots. eBPF programs are verified at load time to prevent kernel crashes or other instabilities.

10 Steps for Better Website DDoS Protection

All over the world, DDoS attacks are getting more frequent and lasting longer, too. We’re officially sailing in rough water. And not all of our ships are seaworthy. A study by IDG found that the lack of broad DDoS protection was among the top 3 security challenges faced by organizations.
Realizing this, many companies sought help with specialized mitigation services. This is a great first step. But there are still lines to tighten and halyards to replace. Different resources have varying degrees of DDoS resistance. And using a third-party solution is not always enough.
Let’s look at 10 steps you can take to improve your DDoS protectability. And, hopefully, find a safe mooring in this raging hurricane of junk traffic.

How Do You Know That Access Was Granted in the First Place?

A colleague and I recently had a discussion of Zero Trust Architecture (ZTA). There is no one-shoe-fits-all solution out there. Zero Trust is a journey more than it is a turn-key solution. But there are some common features, and the NIST 800-207 standard or Microsoft’s Zero Trust advisory are not bad places to start reading. However – with my background at one of the major IGA solution vendors, I started wondering why Identity Governance and Administration (IGA) was never in the picture when ZTA was discussed. The policy engine always assumes that if an account is a member of a certain AD group or Azure role then it is OK, and the role of “zero trust” is to check the identity’s device, location, time of day and other ad-hoc factors to decide whether to accept the request, enforce multi-factor authentication or even reject the request.

Attacks on Shadow APIs Loom Large

Shadow APIs (Application Programming Interfaces) are now the biggest threat facing API security. Analysis of more than 20 billion transactions from the first half of 2022 found that 16.7 billion of them were malicious in nature, and the majority (5 billion) were against unknown, unmanaged and unprotected APIs, more commonly referred to as Shadow APIs.

How to Build a Computer Security Incident Response Team (CSIRT)

An effective Computer Security Incident Response Team can mean the difference between safety and vulnerability in today’s cybersecurity landscape. The CSIRT ensures your organization is prepared for cyber incidents and can react quickly to minimize the damage. This article will go over precisely what a CSIRT is, what the roles on the team are, how to assemble a CSIRT and what the CSIRT’s responsibilities are.