Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

The best way to know if something works is to try it out. Ensuring that your security products are actually working is a fundamental task of routine maintenance. This is why it is so useful to use tools like Atomic Red Team that generate suspicious events based on ATT&CK techniques and see how Falco triggers alerts. In this blog, we will cover how to install and run the Atomic Red Team environment on a Kubernetes system for testing Falco rules.

Kubernetes powers significant automation capabilities for developers in deploying, managing, scaling, and ensuring the availability of containerized apps. Data from 2021 shows that adoption continues to rise with over 5.6 million developers now using the industry’s favored container orchestration engine. However, Kubernetes and containerization introduce new complexities that pose unique security challenges.

TOR was created with the idea of anonymizing connections across the Internet, but as in other instances, this can be used by attackers to hide themselves. In this article, we will describe how easy it is to detect inbound and outbound network connections through the TOR network using Falco.

It was a busy week last week at KubeCon +CloudNativeCon Europe 2022 in Valencia, Spain. It seemed like the entire world related to Kubernetes came together after two years of being apart. It was fulfilling meeting up with our peers and gaining market insight- face-to-face. Catalogic’s core messaging this year has revolved around cyber-resilience for data protection.

Calico Open Source is an industry standard for container security and networking that offers high-performance cloud-native scalability and supports Kubernetes workloads, non-Kubernetes workloads, and legacy workloads. Created and maintained by Tigera, Calico Open Source offers a wide range of support for your choice of data plane whether it’s Windows, eBPF, Linux, or VPP. We’re excited to announce our new certification course for Azure, Certified Calico Operator: Azure Expert!

We’re living in the age of accelerated consumption and delivery. You can get a seemingly infinite selection of products delivered to your door within two days, for free, from thousands of miles away. You can access an endless variety of services online within mere seconds: Movies, music, games, education and even health care. These modern marvels are afforded to us by relatively recent advances in software development, delivery and operations.

Fixing vulnerabilities can be hard—especially so for cloud-native applications. Let’s take a deeper look at why this is, and how mitigating controls can help secure your cloud-native applications.

Kubernetes is a tool used by many developers and DevOps administrators to deploy and manage containerized applications, and it has become a default tool for container orchestration in many organizations.

This week BlackHat Asia 2022 took place in hybrid mode. It’s one of the most important events within the #infosec community, where security experts show how far they can go. In this edition, the trend of talks and tools focused on improving the security of Kubernetes, Cloud Security or Supply Chain, either from the perspective of the blue team or the red team.