Posts by

The Cloud Native Compliance Playbook: Strategies for the Enterprise
July 18, 2020
The reality for most organizations is that they are somewhere between hybrid cloud and cloud native on their cloud transformation journeys. A major cause of this delay is compliance, or more specifically, the way compliance has traditionally been achieved within large enterprises.
EDR for Linux Production Systems
February 4, 2020
A guide to specific security considerations for protecting Linux VMs, containers, and bare-metal servers. You should keep them in mind as you work toward making your enterprise Linux more secure.
Understanding Indicators of Attack vs Compromise
September 17, 2019
It’s the choice between stopping an attack before it gets in or detecting a compromise after it affects your company. There are two main methods of detection in the security marketplace—Indicators of Attack (IoA) and Indicators of Compromise (IoC). The two methods approach detection in vastly different ways. In […]
Spectre and Meltdown | The Data Science Approach
October 5, 2018
Data science in cybersecurity is rapidly growing. At Capsule8, we in data science work in tandem with the security research team to collaborate on state-of-the-art detection models against the latest threats. Now in machine learning, we all know that feature engineering is the secret sauce. The advantage for us here, given the […]
The Essential Guide to Cloud-Native Security
August 13, 2018
Modern detection engineering requires applying engineering principles to security analysis. In a cloud native system, this practice becomes existentially critical — without it, security detection will be untenable.
Docker Security 101: Key Considerations
August 8, 2018
Docker and containers bring true platform independence, agility, and flexibility to running applications. As the industry moves toward microservices, containers, and cloud-native environments, container and Docker security will be taking on an increasingly prominent position in an organization’s security posture.
Preparing for Zero-Day Attacks
July 24, 2018
Are you one of the 42% of organizations that reported an attack on their hybrid environment in the last year? Discover how you can detect and instantly disrupt attacks in the production environment before they take hold.
Why Container Security is Such a Challenge
January 11, 2018
The Power of Containers: Containers are having a moment. They are revolutionizing the way we do application development, but, as with most new technologies, their adoption in the enterprise is (rightfully) hindered by genuine security concerns. Ultimately, containers can bring huge security benefits not found in […]
Nine Reasons Why the Death of the Security Appliance Is Inevitable
July 24, 2017
Most security organizations are used to appliances being the workhorse for their protection needs. Indeed, the major security vendors today tend to have huge appliance businesses, including the old titans (e.g., Symantec and McAfee) and the new titans (e.g., Palo Alto and FireEye). As crucial as security appliances are today, they are eventually going to die […]
Time to Blow Up the SOC?
July 24, 2017
Thirty-seven percent of SOCs faced more than 10,000 alerts per day and more than half of those were false positives, which can easily cost organizations thousands of wasted hours and millions of wasted dollars every year. Realistically, many “true positives” are for events with incredibly low value, such as reconnaissance scans. Most scans don’t turn […]