Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

As AI adoptions become increasingly integral to all aspects of society worldwide, there is a heightened global race to establish artificial intelligence governance frameworks that ensure their safe, private, and ethical use. Nations and regions are actively developing policies and guidelines to manage AI’s expansive influence and mitigate associated risks. This global effort reflects a recognition of the profound impact that AI has on everything from consumer rights to national security.

Manual deployment of Docker containers on multiple servers can be highly time-consuming, monopolizing the schedule of any system administrator charged with the task. In the modern IT industry, the popularity of clouds, microservices and containers continues to grow, and for this reason, solutions such as Kubernetes were developed.

Network policies are essential for securing your Kubernetes clusters. They allow you to control which pods can communicate with each other, and to what extent. However, it can be difficult to keep track of all of your network policies and to ensure that they are configured correctly. This is especially true if you have a large and complex cluster with more than 100 nodes. One way to address this challenge is to leverage Prometheus and AlertManager embedded in Calico Enterprise/Cloud.

Cuttlefish malware targets SOHO routers, nation states and cybercriminals share compromised networks, and threat actors use Docker Hub to spread malware and phishing scams.

As the number of applications and participants grows within your cluster, it may be necessary to evaluate and limit the activities they can perform. For instance, you may consider restricting access to production to only a select few individuals. Alternatively, you may opt to provide a limited range of permissions to an operator deployed within the cluster.

Today at RSA Conference 2024, Mend.io and Sysdig unveiled a joint solution targeted at helping developers, DevOps, and security teams accelerate secure software delivery from development to deployment. The integration incorporates the exchange of runtime insights and application ownership context between Sysdig Secure and Mend Container to provide users with superior, end-to-end, and risk-based vulnerability prioritization and remediation across development and production environments.

Today at the RSA Conference 2024, Mend.io and Sysdig unveiled a joint solution to helping developers, DevOps, and security teams accelerate secure software delivery from development to deployment. The new integration incorporates runtime context from Sysdig with Mend Container to provide users with superior, end-to-end, and risk-based vulnerability prioritization and remediation across development and production environments.

The Sysdig Threat Research Team (TRT) recently observed a new attack that leveraged stolen cloud credentials in order to target ten cloud-hosted large language model (LLM) services, known as LLMjacking. The credentials were obtained from a popular target, a system running a vulnerable version of Laravel (CVE-2021-3129). Attacks against LLM-based Artificial Intelligence (AI) systems have been discussed often, but mostly around prompt abuse and altering training data.

In the ever-evolving landscape of cloud security, staying ahead of threats is paramount. Success requires well-orchestrated cybersecurity solutions that work together from prevention to defense. Today we launched our latest initiative, the Runtime Insights Partner Ecosystem, which brings together leading solutions that strengthen cloud security through integration and collaboration.