Posts by

Seven Key Takeaways from the Cloud-Native Security Summit
September 20, 2018
Earlier this week we wrapped up our very first Cloud-Native Security Summit, an exclusive event co-hosted by Capsule8, Duo Security, and Signal Sciences, designed to tackle all things cloud-native security. Together in one room for a day, 140 security professionals discussed some of the most pressing issues they are facing in their organizations, such as […]
How to Tell if Your Company is Suffering from Security Alert Fatigue
August 29, 2018
We’ve been talking about security alert fatigue a lot here at Capsule8 because it is a very real concern we hear from prospects, customers, and other organizations that are trying to secure their production environment. The numbers of the SOC can be terrifying for anyone who is in charge of making sure that the next breach doesn’t happen […]
An Essential Guide to Cloud Native Security
April 23, 2018
What Is Cloud Native? Cloud native applications are designed and built on the cloud. On a higher level, “cloud native” is a fundamentally new approach to application design and deployment that leverages native cloud capabilities (e.g., auto-scaling, continuous deployment, and auto-management). An open source approach leveraging IaaS capabilities (e.g., AWS, Microsoft Azure, and Google Cloud) […]
The Evolution of Zero Day Attacks and How to Prevent Them
September 26, 2017
What is a Zero Day Attack? “Better the devil you know than the devil you don’t.” - someone important, probably. A zero-day is the devil you don’t know. Whether you’re talking about a previously unknown software vulnerability, or the code used to exploit it, zero-days can make a security practitioner’s life a living hell. There’s no […]
Resiliency Part 3 of 3: “Cattle, Not Pets,” Leveraging CI/CD Practices and the Concept of Reverse Uptime
September 9, 2017
Part 1: What is Resiliency and How Can We Apply to All Phases of Attack? Part 2: Using Misinformation and Intentional Failures to Your Advantage Part 3: Cattle, Not Pets, Leveraging CI/CD Practices and the Concept of Reverse Uptime As we conclude this series about resiliency, you’ll recall that we’ve focused on ways to make […]
The Evolving Role of Security in a Software-defined World
September 5, 2017
The role of security is rapidly changing as data centers that were once typically defined by hardware and devices are taking the next step in virtualization to support both legacy enterprise applications and new cloud computing services. The software-defined data center (SDDC) has gained significant traction, as its infrastructure is virtualized and delivered as a […]
Resiliency Part 2: Using Misinformation and Intentional Failures to Your Advantage
July 26, 2017
Part 1: What is Resiliency and How Can We Apply to All Phases of Attack? Part 2: Using Misinformation and Intentional Failures to Your Advantage Part 3: Cattle, Not Pets, Leveraging CI/CD Practices and the Concept of Reverse Uptime In my last post about resiliency, we explored a number of ways to make a hacker’s […]
Time to Blow Up the SOC?
July 25, 2017
Your Security Operations Center (SOC) is barraged with so many alerts that your team may be shell shocked into believing that they are under a constant and unmanageable assault. Indeed, they are under siege – from a constant barrage of data. Alert fatigue is not just some industry buzz phrase – it’s a very real […]
Microservices and Modern Production Environments Are the Achilles’ Heel of SecOps
July 25, 2017
Microservices and the increasing popularity of service-based architecture have catapulted Linux from the coder’s tinker toy of yesterday to the most popular platform on the planet today. It’s no wonder that modern Linux is fast becoming the de facto operating system of production environments and powering the “software is eating the world” phenomenon. It’s simple and […]
What is Resiliency and How Can We Apply It to All Phases of Attack? Part 1 of 3
July 25, 2017
Part 1: What is Resiliency and How Can We Apply to All Phases of Attack? Part 2: Using Misinformation and Intentional Failures to Your Advantage Part 3: Cattle, Not Pets, Leveraging CI/CD Practices and the Concept of Reverse Uptime The inevitability of your organization being breached is well established. Vulnerabilities are intrinsic to any software […]
Threat Protection Appliances Are as Valuable to Security as Your Toaster
July 10, 2017
Nothing in the IT security community is as widely deployed and universally reviled as Anti-Virus. But, threat detection appliances, including intrusion prevention appliances, application firewalls and advanced threat protection appliances should be almost as reviled. These appliances are nearly as useless as they are toxic. They do a horrible job finding problems and ultimately create […]
AI Won’t Replace Developers
February 27, 2017
Last week, a Slashdot article suggested that eventually AI might replace developer jobs (discussing Microsoft’s DeepCoder). I doubt it. AI techniques will eventually be able to automate some kinds of programming tasks that allow developers to abstract away and do more with their time. But I can’t imagine an AI replacing human developers. Let’s […]