General

This article comprises three parts. We first introduce what a cloud native platform is with a deep dive into Kubernetes (K8s), which is the most popular open-source solution to container orchestration. Then, we discuss the threat landscape and overall security framework for mitigating the corresponding risks. The last part of the article focuses on monitoring and observability using the extended Berkeley Packet Filter (eBPF) technology.

The FBI recently released a public advisory regarding a sharp rise in deepfake videos being used by scammers when applying for remote positions. Combined with identity theft, these criminals are able to convince their would-be remote employers that they are who they claim, and often get positions that have access to sensitive data.
HR, recruiters, and other hiring professionals can no longer use only the techniques they used even a year ago when hiring for remote positions. Those in a hiring position need to be able to pick up on potential clues, such as lip movement that doesn’t coordinate with the audio. It’s not a matter of “this isn’t your parents’ world;” it’s “this isn’t even last year’s world.”

Application Programming Interface (API) use has eclipsed web app use in many sectors, with 70 percent of the 21.1 billion transactions analysed in the latter half of 2021 using this mechanism. APIs are popular because they the business to rapidly upscale development by providing mobile services, migration to the cloud and faster release cycles all of which results in a better connected ecosystem. Their use is expected to continue to rise, with 57 percent of organisations expecting to switch their applications to APIs over the next two years, according to the Enterprise Strategy Group (ESG).
Recognising this shift, attackers have been quick to capitalise on the move and have also turned their attentions to APIs. The latest Cloud Security Alliance (CSA) league table of threat vectors released in June revealed that API attacks are now the second biggest threat facing cloud computing, Two years previously they came in way down the list at number seven which means API attacks are real and growing and that businesses aren’t doing enough to secure their API infrastructure. But where are they going wrong?

SAP is used by 92% of Forbes Global 2000 companies, stores 70% of all corporate data globally and touches 77% of the world’s transactional revenue so its reputation as a market leader in enterprise application software is undeniable. But its ubiquity, longevity and access to sensitive data also makes it a prime target.
SAP systems, from enterprise resource planning (ERP) and human capital management to sales, stakeholder relationship management (SRM), and customer relationship management (CRM), hold valuable digital assets – be it intellectual property, company secrets, employee data, and more. This data is used for business planning, product lifecycle management, business intelligence, or other vital operational procedures.