Container security

Although Linux is still a fraction of the market share of Microsoft Windows and Mac OS X, its growth continues to accelerate.  Linux will continue to grow at compounded annual growth rate (CAGR) of 19.2% through 2027.  Some of the primary factors for this growth include: Cloud computing infrastructure, Containerization of applications, and Microsoft’s support […]

There are a number of industry analyst reports on application security.  Each analyst firm and report takes its own slice of the market to analyze and report on vendors within that market.  For example, the Forrester Wave focuses on Static Application Security Testing, the Gartner Magic Quadrant focuses on Application Security Testing as a whole, […]

The growth of application development, DevOps, containers, and cloud has fueled the growth of application security tools.  We now have static analysis, software composition analysis, interactive analysis, dynamic analysis, container scanning, infrastructure as code scanning, and a number of runtime application security products.  That’s a lot of testing data, but how do we integrate it […]

There are a lot of endpoint security solutions on the market.  How do you pick and choose which solution is right for you?  The answer may depend on which endpoints you want to protect. Windows? MacOS? Linux? All of the above?  What about containers and cloud infrastructure? When we think of traditional endpoints, we immediately […]

Cloud-Native and Serverless are the next evolution of application architecture.  But protecting these applications is not easy.  Where do I install my agent?  How do I monitor network traffic?  What APIs are exposed? The adoption of containers started this challenge a few years ago by abstracting the application from the operating system.  In order to […]

We’ve all heard the term Immutable Infrastructure, especially with cloud deployments, but what does it really mean?  What are the security and compliance impacts of Immutable Infrastructure? Let’s start with a quick overview of Immutable Infrastructure.  Simply defined, Immutable Infrastructure means that the state of networks, servers, applications, etc. are not subjected to change in […]

We’re all familiar with the Open Web Application Security Project (OWASP) Top 10 Web Application Security Risks.  Not only have organizations used this list to adopt new development practices to produce more secure code, but security vendors have built products to detect and prevent these top attacks.  But what happens when an attacker uses your […]