Whitepapers and Reports

Deciphering SOC 2 Compliance in Cloud-Native Environments
Organizations with SOC 2 accreditation are at a significant competitive advantage to win and maintain customers; however, those that want to move to cloud-native applications may struggle to discuss these cloud principles. This white paper discusses: How to  define an explicit compliance narrative to describe your IT systems from the outside What a SOC 2 […]
Gartner – A CIO’s Guide to Serverless Computing
For Security Teams, Closing Cloud Security Woes Means Adopting New Approaches
Over the past few years, security teams have been faced with the demands brought about by the widespread adoption of cloud environments for infrastructure. As they look at how to prioritize their efforts, some patterns start to emerge. To help understand these demands more, we gathered data from 451 Research’s Voice of the Enterprise surveys, […]
Why IDS is Ineffective for Linux Production Environments
Organizations are evolving and modernizing their production environments with technologies like cloud, microservices and containers, and are more often mixed with both cloud and on-premises infrastructure and applications. This creates a changing attack surface that conventional security solutions such as IDS simply cannot address.
451 Research, Capsule8 Coverage Initiation
As organizations move to embrace cloud-based delivery and DevOps, the underlying compute environments shift toward Linux as a frequent execution environment. This is the space that Capsule8 aims to address with its endpoint security offering, combining an architecture optimized for Linux with features aimed at enterprise security and IT operations teams.
The Journey Toward Smoother and More Secure Workload Modernization Efforts
Get this Business Impact Brief from 451 Research to learn how organizations can successfully – and securely – use cloud environments and technologies to drive their business forward.
Security Considerations for Cloud Migration During a Crisis
Following a successful webcast featuring guest speaker Andras Cser of Forrester Research, Capsule8 commissioned Forrester to share how security considerations for a cloud migration have changed and how future trends change risk when adopting accelerating strategies.
The Cloud Native Compliance Playbook: Strategies for the Enterprise
The reality for most organizations is that they are somewhere between hybrid cloud and cloud native on their cloud transformation journeys. A major roadblock for this delay is compliance – or more specifically – the way compliance has traditionally been achieved within large enterprises.
Gartner’s Market Guide for Cloud Workload Protection Platforms
Download Gartner’s Market Guide to learn more about the solutions available for protecting cloud workloads.
EDR for Linux Production Systems
A guide to specific security considerations for protecting Linux VMs, containers, and bare-metal servers. You should keep them in mind as you work toward making your enterprise Linux more secure.
MITRE ATT&CK Framework Q&A with Forrester Research
Following a successful webcast, Capsule8 commissioned Forrester to share insights into the MITRE ATT&CK Framework. Josh Zelonis, principal analyst, provides Forrester’s analysis in the following Q&A.
Retooling Cybersecurity Programs for the Cloud-first Era
Because lines of business are going directly to the cloud, cybersecurity and IT teams are losing control over both the administration and security of cloud-delivered applications. This decoupling, in which the consumer of the cloud service is administering its use, means that security teams are losing centralized visibility and control over the data assets associated […]
Understanding Indicators of Attack vs Compromise
Understanding Indicators of Attack vs Compromise It’s the choice between stopping an attack before it gets in or detecting a compromise after it affects your company There are two main methods of detection in the security marketplace—Indicators of Attack (IoA) and Indicators of Compromise (IoC). The two methods approach detection in vastly different ways.  In […]
Capsule8 Protect
Capsule8 Protect is the Linux protection solution that keeps production environments free of compromise while preserving the high performance and reliability on which modern organizations depend. Read our whitepaper to learn about our approach.
Driving Toward the Automated SOC
SOCs need to be empowered: boosting the accuracy of threat detection and shortening the time to response – and doing it in a scalable way that doesn’t rely on hiring increasingly hard-to-find security personnel. Automation will be increasingly critical to a SOC’s ability to protect the enterprise.
How to Detect and Mitigate Zero-Day Attacks
The recent spate of zero-day attacks, such as Meltdown and Spectre in early 2018, has put the issue of zero-day threats at the forefront for SecOps teams and security engineers. Despite the increased urgency in understanding the threat itself, there’s still some confusion about what is meant by a “zero-day attack.”
Spectre and Meltdown | The Data Science Approach
Data science in cybersecurity is rapidly growing. At Capsule8, we in data science work in tandem with the security research team to collaborate on state of the art detection models against the latest threats. Now in machine learning, we all know that feature engineering is the secret sauce. The advantage for us here, given the […]
The State of Cloud-Native Security
Capsule8, Duo, and Signal Sciences conducted a survey with 486 IT leaders to better understand the cybersecurity challenges and opportunities of the ongoing shift toward cloud native applications in Production Environments. Download the report now.
The Essential Guide to Cloud-Native Security
Modern detection engineering requires the adoption of engineering principles to security analysis. In a cloud native system, this practice becomes existentially critical — without it, security detection will be untenable.
Docker Security 101: Key Considerations
Docker and containers bring true platform independence, agility, and flexibility to running applications. As the industry moves toward microservices, containers, and cloud-native environments, container and Docker security will be taking on an increasingly prominent position in an organization’s security posture.
Preparing for Zero-Day Attacks
Are you one of the 42% of organizations that reported an attack on their hybrid environment in the last year? Discover how you can detect and instantly disrupt attacks in the production environment before they take hold.
1 2