You may not realize it, but osquery can make security compliance a little easier.
Imagine you’re a security analyst working remotely and you see something is amiss with a machine in your fleet. SSH isn’t an option because it expands the attack surface. Plus, there’s no guarantee the machine you need to investigate is even accessible through SSH. What do you do?
I’m excited to share that we’ve raised $30M in Series B funding led by Sapphire Ventures. This is a significant milestone for Uptycs. Jai Das from Sapphire Ventures led the round with participation from existing investors Comcast Ventures and ForgePoint Capital. It was an oversubscribed round with no room for additional investors. This serves as a testament to our strong customer relationships, our current success as a venture, and the excitement around the space of SQL-powered security analytics.
Kubernetes nodes – the machines responsible for running your container workloads – can come in a number of shapes, sizes, and configurations. One common deployment pattern, however, is a lack of in-transit encryption between them.
Another common deployment pattern? Lack of TLS support on the container workloads themselves. After all, who wants to set up and manage a PKI (Public-Key Infrastructure) and a private CA (Certificate Authority) for tens or hundreds of microservices, and get the certificates to be trusted by all workloads? I don’t know about you, but that doesn’t sound like a lot of fun to me.
For many security-conscious businesses looking for a SaaS provider, SOC 2 compliance is a minimal requirement. Unfortunately, many providers aren't sure how to implement SOC 2 compliance requirements, as they are inherently vague.
In recent times we are seeing an increased number of Docker container malware. Attackers scan the internet to identify the misconfigured Docker engine API installations to install the malicious images or run commands to install the malware. Access to the Docker engine API can provide an attacker fine control over the Docker installation enabling him/her to create, delete, dump and run commands in the containers, although the majority of the malware seen to-date are either using system resources for crypto mining or denial of service attacks. In general, the container is an encapsulated environment to run the application so it can be used for any activity from proxies to botnet services and can easily become part of attacker infrastructure to distribute malware.