Techniques and strategies to overcome Kubernetes security challenges

Helpnetsecurity | January 21, 2020

Five security best practices for DevOps and development professionals managing Kubernetes deployments have been introduced by Portshift. Integrating these security measures into the early stages of the CI/CD pipeline will assist organizations in the detection of security issues earlier, allowing security teams to remediate issues quickly. The use of containers continues to rise in popularity in test and production environments, increasing demand for a means to manage and orchestrate them. Of all the orchestration tools, Kubernetes (K8s) has emerged as the market leader in cloud-native environments. Unfortunately, Kubernetes is not as adept at security as it is at orchestration. It is therefore essential to use the right deployment architecture and security best practices for all deployments.

Spotlight

Network Virtualization with VMware NSX This course provides a complete explanation of network virtualization. Beginners will love the simple explanation of network concepts such as ARP, MTU, switching, and routing fundamentals. From there we will learn about virtual switches available with vSphere. NSX Switching, routing, and security lessons will follow.


Other News
VIRTUAL DESKTOP TOOLS

Opera ships its new VPN Pro service to Windows and Mac to give you an extra level of security as you travel

Opera | August 08, 2022

Opera (NASDAQ: OPRA), the company behind the eponymous web browser, recently announced the expansion of its security features with the new VPN Pro subscription service, a premium device-wide VPN that can be used without the installation of a separate app. The VPN Pro service, previously available on Android, is now coming to Opera users on Windows and Mac. Travelling with no limits Opera VPN Pro is now multi-platform Opera VPN Pro is now multi-platform Opera ships its new VPN Pro service to Windows and Mac to give you an extra level of security as you travel Opera ships its new VPN Pro service to Windows and Mac to give you an extra level of security as you travel Opera ships its new VPN Pro service to Windows and Mac to give you an extra level of security as you travel Opera ships its new VPN Pro service to Windows and Mac to give you an extra level of security as you travel The summer is a time of travel, with people once again changing their location: for leisure or to attend industry events. The pleasures of travel, however, also come with the cybersecurity risks of using public Wi-Fi. The Opera browser, which is known for its free browser VPN, which is still available to all of our users, is providing its users with a device-wide solution that protects their laptops no matter where they go and what connections they use – from subway hotspots to hotel Wi-Fi. Opera VPN Pro users can enjoy safe and seamless connections wherever their vacation or business trip takes them. The subscription-based service will cover up to six devices connected to one account. Opera is offering a free month with an unlimited secure VPN connection to those who subscribe to VPN Pro via desktop before August 31st, with an opportunity to cancel the subscription at any time. Working from the beach, airport, or a cafe, as well as just browsing the web for fun, is now safer thanks to the VPN Pro solution. To use the new Opera VPN Pro, users need to install Opera Browser on Windows, or Mac on their computer, then sign into their Opera Account and try it for free. From that point, whenever the VPN is switched on, all the data that users send to the internet will be encrypted and sent to one of thousands of VPN servers around the world. This not only protects them while using unencrypted Wi-Fi at airports, restaurants and city centers, but also makes it harder for advertisers to track them. With a simple click on the Opera VPN Badge in the Opera browser address bar, or via the tray icon, users can enable full protection at any moment. Opera VPN Pro is available in English, German, French, Spanish, Polish, and Brazilian Portuguese. Available on Android, Windows and Mac Back in March, Opera released VPN Pro, a full-featured VPN solution that encrypts all traffic going out of the user's Android device. Today, it's boosting users' privacy on desktop. "VPN services are becoming an essential part of browsing, regardless of the device being used. Therefore, we decided to expand our offering so that users can connect up to six Android and desktop devices to their VPN subscription at once and stay safe online," said Krystian Kolondra, EVP PC & Gaming at Opera. VPN Pro satisfies the needs of those users who are looking for increased protection. It provides security to the entire device and protects up to 6 different Android and Win or Mac devices within one subscription. User data stays safe behind a wall of next-generation encryption, no matter what application is used. Just like Opera's Free VPN, VPN Pro is a no-log service. It offers access to 3,000+ private network servers in over 30 locations around the world, allowing users to download files and browse the web securely with a speedy VPN connection and unlimited bandwidth for all supported devices. There is no need to sacrifice speed for better security since VPN Pro gives access to high-speed servers, so users can browse faster than ever. Additionally, users can run data-saving mode alongside VPN Pro to ensure they never go overboard on their data. How to get started VPN Pro can be used on Windows and Mac by installing Opera Browser for desktop. To enhance device security and safety, users can subscribe to Opera VPN Pro directly inside the Opera Browser by following 5 simple steps: download the latest version of Opera Browser; log into Opera Account and select desired subscription period; follow the payment steps; enjoy a seamless and protected connection to the web! To use the same subscription on your Android device, simply download the Opera Browser for Android from the playstore, sign in to the same Opera account you have on your desktop and start using your VPN Pro on your phone! With Opera VPN Pro, existing Opera users can easily subscribe using their Opera account without the need to download another app or create another account. The pricing options vary from $1.99 to $5.99 per month (depending on the duration of the subscription) of VPN protection, making Opera VPN Pro one of the safest and most economical solutions on the market. If a user ever needs any help with the service, Opera's team of industry-leading experts are always available to assist. Support can be easily reached through the Help Center or by Chat & Email support, both available here. VPN Pro is currently available for users in the majority of markets around the globe. There is a 7-day free trial period and a 30-day money-back guarantee. Before the 31st of August, new users of VPN Pro on desktop can get one month of subscription for free. The release has a pricing offer of $5.99 for one month, $2.99 per month with a 6-month subscription, and $1.99 per month with a 12-month subscription for VPN protection. To discover all the benefits, visit the dedicated VPN Pro page. About Opera Opera is a global web innovator with an active base of hundreds of millions of monthly active users who have sought a better internet experience. Building on over 25 years of innovation that started with browser products, Opera is now leveraging its brand and highly engaged user base in order to expand its business into new segments. Today, Opera offers users around the world a range of products and services that include PC and mobile browsers, the newsreader Opera News, and apps dedicated to gaming, Web3 and e-commerce. Opera is headquartered in Oslo, Norway and listed on the NASDAQ stock exchange (OPRA).

Read More

VMWARE

Infoblox's State of Security Report Spotlights Remote Work Hazards around the World

Infoblox | June 01, 2022

Infoblox, the leader in DNS management and security services, today unveils a global report examining the state of security concerns, costs, and remedies. As the pandemic and uneven shutdowns stretch into a third year, organizations are accelerating digital transformation projects to support remote work. Meanwhile, attackers have seized on vulnerabilities in these environments, creating more work and larger budgets for security teams. 1,100 respondents in IT and cybersecurity roles in 11 countries – United States, Mexico, Brazil, United Kingdom, Germany, France, the Netherlands, Spain, United Arab Emirates, Australia, and Singapore – participated in the survey. Key findings include: The surge in remote work has changed the corporate landscape significantly – and permanently. 52% of respondents accelerated digital transformation projects, 42% increased customer portal support for remote engagement, 30% moved apps to third party cloud providers, and 26% shuttered physical offices for good. These changes led to the additions of VPNs and firewalls, a mix of corporate and employee owned devices as well as cloud and on-premises DDI servers to manage data traffic across the expanded network. The hybrid workforce reality is causing greater concerns with data leakage, ransomware and attacks through remote access tools and cloud services. Respondents indicate concerns about their abilities to counter increasingly sophisticated cyberattacks with limited control over employees, work-from-home technologies, and vulnerable supply chain partners. The sophistication of state-sponsored malware also is a source of worry for many. Organizations have good reason to worry: 53% of respondents experienced up to five security incidents that led to at least one breach. Though ransomware often grab headlines, phishing is the most common conduit for illegal entry. Attacks tended to originate on WiFi access points, employee-owned endpoints, or the cloud. Overall, 43% suffered at least $1 million in direct and indirect losses. Organizations are buying cloud-first security tools to protect their hybrid environments. 59% of respondents saw bigger budgets in 2021 and nearly 75% anticipate an increase in 2022. They are creating a defense-in-depth strategy using everything from endpoint and network security to cloud access security brokers, DNS security, and threat intelligence services to defend their expanded attack surface. Network data is taking center stage for threat hunting. 40% mostly relied on network flow data, 39% on systems-specific vulnerability information, 39% DNS queries, and 37% outside threat intelligence services. Interest in Secure Access Service Edge (SASE) frameworks is accelerating. As assets, access and security move out of the network core to the edge with the push for virtualization, 53% have already partially or fully implemented SASE and another 28% intend to do so. "The pandemic shutdowns over the past two years have reshaped how companies around the world operate, Cloud-first networks and corresponding security controls went from nice-to-have features to business mainstays as organizations sent office workers to work from home. To address the spike in cyberattacks, security teams are turning to DNS security and zero trust models like SASE for a more proactive approach to protecting corporate data and remote devices." Anthony James, VP of Product Marketing at Infoblox About Infoblox Infoblox is the leader in next generation DNS management and security. More than 12,000 customers, including over 70% of the Fortune 500, rely on Infoblox to scale, simplify and secure their hybrid networks to meet the modern challenges of a cloud-first world.

Read More

VIRTUAL DESKTOP TOOLS

Red River Named as a VMware Regional Academy for IT Support and Training

Red River | July 01, 2022

Red River, a technology transformation company serving government and enterprise customers, announced today that it has been designated as a VMware Regional Academy for IT support and training. In partnership with the VMware IT Academy, Red River will provide instructors and students at academic institutions with training and learning resources for high-demand IT skills such as digital workspace, application modernization and multi-cloud. VMware academic programs have created positive change throughout the pandemic, providing next-generation technology to academic institutions, allowing instructors to teach virtually and giving students access to industry certifications. “Red River understands the evolving needs of the IT Industry and its talent,” said Jackie Barker, Director of VMware IT Academy. “VMware IT Academy is thrilled to work with Red River to provide educational resources and experience to students in academia.” As a VMware Regional Academy for IT support, Red River will contribute to industry and economic development, providing skills to students seeking high-demand careers in areas such as cloud, dev ops, data, mobility and security. Red River will also support the remote delivery of VMware courses, helping students excel through online certification opportunities, hands-on labs and other VMware learning resources. “We are pleased to be a part of the Regional Academy, sharing years of technology expertise to benefit the next generation of IT professionals, This opportunity enables us to invest in our industry, so we can better prepare students for work and career growth in a digital world.” Richard Ackerman, Vice President of Workforce Development for Red River Red River’s workforce development program offers extensive training programs, new career opportunities and dedicated partnerships. The company is set on making a positive impact on employees, customers, partners and communities. To learn more about workforce development at Red River visit www.redriver.com/resources/workforce-development. For more information on the VMware IT Academy, visit https://www.vmware.com/company/it-academy.html. About VMware VMware is a leading provider of multi-cloud services for all apps, enabling digital innovation with enterprise control. As a trusted foundation to accelerate innovation, VMware software gives businesses the flexibility and choice they need to build the future. Headquartered in Palo Alto, California, VMware is committed to building a better future through the company’s 2030 Agenda. About Red River Red River brings together the ideal combination of talent, partners and products to disrupt the status quo in technology and drive success for business and government in ways previously unattainable. Red River serves organizations well beyond traditional technology integration, bringing 25 years of experience and mission-critical expertise in security, networking, analytics, collaboration, mobility and cloud solutions.

Read More

VIRTUAL DESKTOP TOOLS

Hybrid Courtroom Recording & Remote Workflows Supported by New FTR Gold 7.6

For The Record | July 29, 2022

Remotely monitor legal proceedings with For The Record's latest digital court reporting release, FTR Gold 7.6. The software that set the industry standard for quality and efficiency now offers fluid livestreaming of audio and video to support full remote management of courtroom recording from anywhere. By eliminating geographic constraints, FTR Gold 7.6 will allow jurisdictions to connect with a broader pool of available stenographers and digital court reporters. FTR Gold 7.6 features several upgrades from past software versions. The primary upgrade is an accelerated FTR Reporter engine, which dramatically improves the playback performance of real-time proceedings to FTR Monitor and FTR Player over a wide area network (WAN) or virtual desktop infrastructure (VDI) environment. The technology records and streams content with the market-leading functionality built into the latest versions of FTR Gold Recording and Monitoring Suites, including 16 channels of high-fidelity audio and four channels of high-definition video. This allows remote court monitors and digital court reporters to simultaneously record, monitor, and livestream proceedings anywhere on the court's network—in the courthouse or across the town, county, or state. According to Priya Sivagnanam, Technical Project Manager of For The Record, "FTR Gold 7.6 facilitates alternative workflows to support courts as they manage the escalating stenographer shortage and adapt to the demand for remote, hybrid hearings. These structural shifts in court operations are only building momentum, so this innovation arrives at a critical time. Courts will find that playback performance during remote monitoring is seamless in WAN and VDI environments. FTR Gold 7.6 is dramatically enhanced from past versions of FTR Gold." About For The Record For The Record is the global leader in digital audio, visual, and record-keeping innovations for the legal justice system. Over three decades, the company has modernized more than 30,000 courtrooms across 70+ countries. For The Record's recent innovations include the world's first cloud-based recording management system; an online transcript ordering platform; real time speech-to-text transcription; and a virtual justice platform that observes traditional court protocols. With the goals of accelerating justice and enhancing accessibility, For The Record continuously develops new courtroom technology.

Read More

Spotlight

Network Virtualization with VMware NSX This course provides a complete explanation of network virtualization. Beginners will love the simple explanation of network concepts such as ARP, MTU, switching, and routing fundamentals. From there we will learn about virtual switches available with vSphere. NSX Switching, routing, and security lessons will follow.

Resources