Featured article

Getting Started with Panoptica on AWS using Kubernetes Goat
By: Jan Schulte
Sep 1, 2023

In this blog you will learn how to easily secure your microservices apps running on an Amazon EKS cluster using Panoptica, Cisco's cloud native application security SaaS service. We use an open source Kubernetes Goat application to see common misconfig...

Recent article

How a Graph-Based Approach Can Elevate Your Cloud Security

By: Roy Maor
Sep 27, 2023

Ever wondered how large organizations map complex cloud architecture, complete with dynamic assets, fast-paced changes, and tightly woven interdependencies? Here’s your introduction to using graph theory for cloud risk management, reducing the cyb...

Attack Path Analysis

How a Graph-Based Approach Can Elevate Your Cloud Security

By: Roy Maor
Sep 27, 2023

Ever wondered how large organizations map complex cloud architecture, complete with dynamic assets, fast-paced changes, and tightly woven interdependencies? Here’s your introduction to using graph theory for cloud risk management, reducing the cyb...

Weaponizing the Utility of Jenkins Script Consoles 

By: Rami H.
Sep 15, 2023

Jenkins misconfigurations can have far-reaching consequences; Cisco Panoptica’s attack surface scanner can detect such misconfigurations. Jenkins is a widely used tool for continuous integration and continuous delivery and deployment (CI/...

What Is An Attack Path & How Does It Help Identify Risks? 

By: Becca Gomby
Aug 22, 2023

In this post, we discuss what an attack path is, how mapping an attack path works, and how it can help you get improved visibility into your cloud environments to better identify potential critical risks and vulnerabilities. What Is an Atta...

Cloud Native Security

How a Graph-Based Approach Can Elevate Your Cloud Security

By: Roy Maor
Sep 27, 2023

Ever wondered how large organizations map complex cloud architecture, complete with dynamic assets, fast-paced changes, and tightly woven interdependencies? Here’s your introduction to using graph theory for cloud risk management, reducing the cyb...

Weaponizing the Utility of Jenkins Script Consoles 

By: Rami H.
Sep 15, 2023

Jenkins misconfigurations can have far-reaching consequences; Cisco Panoptica’s attack surface scanner can detect such misconfigurations. Jenkins is a widely used tool for continuous integration and continuous delivery and deployment (CI/...

Three Takeaways on Cloud Security from the IBM Data Breach Report 2023  

By: Shweta Khare
Aug 29, 2023

IBM’s annual Cost of a Data Breach Report offers its usual insights into the scale of cybercrime and the costs of security breaches. It paints a picture of a technological landscape which is becoming more complex, demanding and uncertain. As organ...

API Security

Webinar | Securing Application Workloads, APIs, and Serverless Functions with Panoptica

By: Shweta Khare
Aug 25, 2023

Application architectures have been transformed in recent years. Modern application systems have become more complex with monolithic applications being replaced by more complicated applications based on multiple microservices and stored on cloud pla...

Staying Ahead of the Threat Landscape: The Importance of Application Security Modernization 

By: Shweta Khare
Aug 7, 2023

In today's world, when we talk about software, we're usually talking about the applications that make our digital lives work. Software applications have become the digital tools that empower us to navigate our complex world, streamline our workf...

API Security is Now Available on Panoptica!

By: Meenakshi Kaushik
Feb 27, 2023

Panoptica is a user-friendly Cloud-Native Application Security Platform that reduces tool sprawl and offers an integrated suite of tools to identify, assess, prioritize, and remediate security vulnerabilities. Panoptica supports DevSecOps, Platform,...

Going to Black Hat Europe 2022? Let’s Connect In Person in London or Virtually! 

By: Sarabjeet Chugh
Nov 30, 2022

December is the most magical month to visit London. The capital transforms into a sparkling winter wonderland when the streets light up with Christmas lights. Another unmissable event in London this December is the Black Hat conference, which att...

OpenClarity: A Community-Led Approach to Cloud-Native Application Security

By: Tim Miller
Oct 27, 2022

Developing decentralized applications is simultaneously freeing and scary. The freedom comes from being able to develop, release, and upgrade application components without being bound by a huge, monolithic release cycle. And if something goes wrong...

FunctionClarity: The Key to Secure Serverless Computing

By: Tim Miller
Oct 27, 2022

Serverless computing frees developers to focus on developing and deploying cloud-native features and services faster, without having to manage infrastructure. Untethered from platform and operating-system management, these functions allow developers...

Speed Versus Security: Tackling the “Developer’s Dilemma”

By: Rami H.
Sep 19, 2022

Today’s developer just can’t win. It’s a continuous tug of war between business objectives—the boss who wants releases “faster, faster, faster!” and the security team, who keeps halting releases because of insecure code—with the develo...

Securing Serverless Applications Against the Most Critical Risks

By: Sarabjeet Chugh
Sep 19, 2022

If you’re a developer working in a cloud environment, there’s a good chance that you’ve either started thinking about serverless computing or have already started to deploy it. And why not? Unlike VMs or container clusters, serverless function...

Seeing the Unseen: Gaining Visibility into API Payload Encryption

By: Alessandro Duminuco
Jun 7, 2022

When it comes to API security, end-to-end encryption presents something of a paradox. On one hand, encryption secures the data that is exchanged during transactions. This is, of course, a good thing. But there’s a drawback: When you use end-...

Introducing Panoptica, The Cisco Secure Application Cloud

By: Rich Gold
May 19, 2022

Enabling DevSecops for cloud native applications through security automation “From the acquisition of Portshift, the Cisco Emerging Technology and Incubation team has been on a mission to enable secure software development for cl...

5 Real-World API Security Breaches from 2021

By: Ran Ilany
Apr 14, 2022

It’s no exaggeration to say that, when it comes to API security, there are a lot of challenges. Not only are attacks that exploit vulnerabilities in APIs on the rise, but there is good reason to believe that API vulnerabilities will be am...

Securing API Calls in Kubernetes, a Simple and Effective Approach

By: Alessandro Duminuco
Apr 13, 2022

Historically, API authentication methods have involved a tradeoff between security and convenience. Today, with cloud native applications and Kubernetes, there are several options, but security tradeoffs remain: You could hardcode credentials, w...

The 3 Pillars of API Security: Visibility, Risk Scoring & Enforcement

By: Alessandro Duminuco
Oct 20, 2021

You can’t secure what you can’t see. APIs are no exception. Whether your application uses internal APIs to manage interactions between microservices, external APIs to integrate with third-party services, or both, you need to be able to visual...

Internal vs. External API Security: What to Know

By: Peter Bosch
Oct 6, 2021

Every API falls into one of two categories: Internal or external. External APIs are APIs that developers use to integrate their applications with a third-party resource, such as a public cloud service or a SaaS application. This type of API is pr...

API Security - The Challenges & Latest Developments

By: Naor Shmuel
Jul 23, 2021

Forrester dubbed API Insecurity "the lurking threat in your software." Understanding API security-specific risks is key to protecting your API. New ways of thinking about API security are emerging. Using external services through APIs is routinel...

Cisco – the Bridge to an API-first, Cloud Native World

By: Liz Centoni
Apr 30, 2021

The traditional development of applications is giving way to a new era of modern application development. Modern apps are on a steep rise. Increasingly, the application experience is the new customer experience. Faster innovation velocity is need...

Vulnerability Management

Fortifying the Cloud-Native Frontier: Strategies for Application Security

By: Shweta Khare
Jun 29, 2023

The absence of cloud-native application security can have serious consequences for organizations. It exposes applications to higher risks of cyber threats, making them vulnerable to unauthorized access, data breaches, and disruptions. Non-compliance...

Unveiling the Top 5 Risks of Cloud-Native Environments

By: Shweta Khare
Jun 21, 2023

As cloud-native applications become the fuel powering business success, protecting the underlying application environment is vital. But that’s a complex and multi-faceted endeavor: Applications need to be protected throughout their lifecycle (from...

Spica Systems Embraces Panoptica to Develop a Highly Secure Private 5G Network Application

By: Tricia Nagar
Jun 15, 2023

At Spica Systems, developing applications that support private 5G network adoption among customers is an obsession. The Spica Systems team is deeply committed to designing SMC (Spica Mobility Core), their private 5G packet core application that help...

A New Open-Source Tool that Fills a Critical Serverless Security Gap 

By: Ariel Shuper
Nov 22, 2022

One of the main attractions of moving software to the cloud has always been the “shared responsibility model,” wherein the cloud provider deploys, protects, and maintains the underlying infrastructure and execution environment and the custom...

How Panoptica Secures GitOps to Protect CI/CD Pipeline Tools

By: Tomer Dvir
Jun 8, 2022

If you work in software development or IT, you’ve likely heard about – and perhaps are even practicing – GitOps, the latest, greatest way to accelerate software delivery. GitOps uses Git, the version control system, to centralize and stan...

Leveraging Gitops to Deploy Cloud Native Security

By: Tomer Dvir
Nov 8, 2021

GitOps is increasingly popular among developers as it accelerates development, but as security requirements grow, a new approach is needed. GitOps security needs to shift left. Here’s how to secure your GitOps repository. GitOps is gaining trac...

Automated Policy for developers using CI/CD (Terraform) tools

By: Tomer Dvir
Aug 16, 2021

Automated Policy - Infrastructure as code is a core element of today’s CI/CD pipeline and led to the emergence of Continuous Configuration Automation (CCA) tools, such as Terraform, a leading declarative push CCA solution launched by HashiCorp in ...

Kubernetes

Getting Started with Panoptica on AWS using Kubernetes Goat

By: Jan Schulte
Sep 1, 2023

In this blog you will learn how to easily secure your microservices apps running on an Amazon EKS cluster using Panoptica, Cisco's cloud native application security SaaS service. We use an open source Kubernetes Goat application to see common misconfig...

Webinar | Securing Application Workloads, APIs, and Serverless Functions with Panoptica

By: Shweta Khare
Aug 25, 2023

Application architectures have been transformed in recent years. Modern application systems have become more complex with monolithic applications being replaced by more complicated applications based on multiple microservices and stored on cloud pla...

Staying Ahead of the Threat Landscape: The Importance of Application Security Modernization 

By: Shweta Khare
Aug 7, 2023

In today's world, when we talk about software, we're usually talking about the applications that make our digital lives work. Software applications have become the digital tools that empower us to navigate our complex world, streamline our workf...

Securing Kubernetes in Production: 5 Best Practices for Securing Your K8s Clusters

By: Tricia Nagar
Jul 11, 2023

While many organizations have successfully adopted containers and the container orchestration framework Kubernetes, it is worth noting that many enterprises feel challenged with running containers in production. Various reasons contribute to the hesi...

Unveiling the Top 5 Risks of Cloud-Native Environments

By: Shweta Khare
Jun 21, 2023

As cloud-native applications become the fuel powering business success, protecting the underlying application environment is vital. But that’s a complex and multi-faceted endeavor: Applications need to be protected throughout their lifecycle (from...

Spica Systems Embraces Panoptica to Develop a Highly Secure Private 5G Network Application

By: Tricia Nagar
Jun 15, 2023

At Spica Systems, developing applications that support private 5G network adoption among customers is an obsession. The Spica Systems team is deeply committed to designing SMC (Spica Mobility Core), their private 5G packet core application that help...

Enhance Your Container Security with the MITRE ATT&CK Framework

By: Tricia Nagar
Apr 27, 2023

You are a self-professed cloud-native security warrior. You live to keep your containers and applications safe from the bad guys. Safe from the possibility of a cyberattack. Safe from a security breach. You are constantly evaluating the cloud threat...

The Case for Agentless Scanning for Simpler Cloud-Native Security

By: Tricia Nagar
Mar 30, 2023

As the cloud-native security space continues to evolve and expand, emerging concepts from the domain keep finding their way into mainstream industry vernacular. “Agentless” being one such concept. If you’ve never heard of agentless scanning be...

Emerging Technologies at the Inaugural CloudNativeSecurityCon Feb 1-2 

By: Kim McMahon
Jan 31, 2023

The inaugural CloudNativeSecurityCon (CNSC), hosted by Cloud Native Computing Foundation (CNCF), is happening February 1st and 2nd in Seattle, Washington and our team is excited to participate and support this event. As more organizations s...

Protect Your Cloud-Native Apps from Common Security Failures

By: Tricia Nagar
Dec 6, 2022

The shift to cloud-native app development on Kubernetes is in full force. Today, cloud-native has become the strategy of choice in the software industry. There are plenty of reasons the industry is preferring cloud-native software development over l...

A New Open-Source Tool that Fills a Critical Serverless Security Gap 

By: Ariel Shuper
Nov 22, 2022

One of the main attractions of moving software to the cloud has always been the “shared responsibility model,” wherein the cloud provider deploys, protects, and maintains the underlying infrastructure and execution environment and the custom...

OpenSSL 3.0 Critical Vulnerabilities: Should You be Spooked?

By: Sarabjeet Chugh
Nov 1, 2022

Don’t be. Act now—use Panoptica to scan for OpenSSL vulnerabilities for free. On November 1, the OpenSSL Project team released a critical patch for OpenSSL 3.0. The patch—OpenSSL 3.0.7—will fix this vulnerability in the library affecting ...

Why Now Is the Time for CISOs to Embrace CNAPP for Cloud Native Security

By: Ran Ilany
Apr 20, 2022

“Breaking down silos” is a common phrase in the world of DevOps and DevSecOps. Ironically, though, if you look at how many DevOps and DevSecOps cloud native security tools actually work, you realize that the tools used are very siloed. In...

Cisco ET&I & Cloud Native Security - Pushing boundaries & making bold bets

By: Ran Ilany
Feb 7, 2022

Successful enterprises are good at what they do – so good, in fact, that it can become difficult for them to embrace new ideas. Instead, many choose to rest on the laurels of their existing products and services – Usually their successful produc...

Everything DevOps need to know about the NSA’s Kubernetes Security Guidance

By: Alexei Kravtsov
Nov 30, 2021

Kubernetes security is a complex topic. So complex that the National Security Agency recently issued a 59-page guidance document on Kubernetes security hardening. Yet, when you boil this advice down, you’ll find that most sources of c...

Hardening Kubernetes Containers Security with Seccomp

By: Erez Fishimer
Aug 13, 2021

Seccomps - An often overlooked way to harden Kubernetes containers’ security is by applying seccomp profiles. Customizing seccomp profiles, in effect, provides a deeply embedded line of defense that adds a layer of protection to your application i...

What’s New in Kubernetes v1.21 and Istio 1.9 Releases and their implications on DevOps?

By: Alexei Kravtsov
Jul 22, 2021

Kubernetes and service mesh are increasingly interrelated, yet their new versions are released separately on different dates. Kubernetes and Istio’s last releases help to get a clearer understanding of the interplay between them and how one affect...

A new MITRE ATT&CK security framework for Containers and Kubernetes

By: Ariel Shuper
May 7, 2021

Last week (April 29th) the MITRE org released the ATT&CK matrix for Containers. The release marks the culmination of a research project investigating the viability of container-related techniques into an ATT&CK matrix. Based on extensiv...

Others

Protect Your Cloud-Native Apps from Common Security Failures

By: Tricia Nagar
Dec 6, 2022

The shift to cloud-native app development on Kubernetes is in full force. Today, cloud-native has become the strategy of choice in the software industry. There are plenty of reasons the industry is preferring cloud-native software development over l...

An Open-Source Antidote for a Growing Problem: API Security

By: Brianna Blacet
Nov 29, 2022

In an effort to support continuous development and release of new features at the lightning speed of today’s market, forward-looking organizations have been moving to cloud-native architectures in droves. The reasons are obvious: these decentraliz...
