Software bugs and vulnerabilities often lead the way to massive security breaches via exploitation. These breaches spawn heavy costs to the organization in well-known monetary fees and penalties, but there are several unforeseen costs that affect the organization internally and publicly.

Participate in the KernelCare Survey to share your thoughts on the state of Enterprise vulnerability detection and patch management operations in your organization for a chance to win one of five Certified Kubernetes Administrator (CKA) Certifications from the Cloud Native Computing Foundation.

Alma means “soul” in many Latin languages, including Spanish and Italian. The word comes from the Latin word almus, which means “nourishing, kind”.

Software security is, to a large degree, in the hands of the party that develops the software and it’s usually in the interest of the developers to ensure that software is secure.

But what happens with security for Free and Open-Source Software (FOSS)? The development model is significantly different, and the code is ultimately affected by changes coming from many different developers, some having only contributed once.

OS virtualization was a huge step forward for the delivery of large-scale enterprise computing applications. But virtual machines were just the start. Containers take virtualization a step further, delivering unprecedented flexibility as applications become almost seamlessly transportable.

However, containers come with a hidden security risk that derives from the nature of containerization. In this article, we discuss the role of containerization in the enterprise, explain why contains can be an enterprise security risk – and point to effective solutions.

We have finally wrapped up 2020! This past month has been intense and we’ve done our best to address all the news and changes that can potentially make your sysadmin’s life easier. We’ve included a quick recap video of our December highlights, but you can keep reading for more details.

A new vulnerability (CVE-2020-16166) in pseudo random number generator (PRNG) was found by Amit Klein, vice president of security research at SafeBreach and a security researcher at Israel’s Bar-Ilan University.

The vulnerability opens the door to Cross-Layer Attacks, a new hacking technique that raises a risk of DNS cache poisoning and that can enable the unauthorized identification and tracking of Linux and Android devices.

KernelCare patches for Debian 10, Debian 8, Oracle Linux UEK 5 and 6, Ubuntu 18.04, 20.04 are already available. Patches for RHEL 8 & Oracle Linux UEK 4 will be released early next week.

Last week, the US Congress officially signed a bipartisan law, The Internet of Things Cybersecurity Improvement Act of 2020, or the IoT Cybersecurity Improvement Act of 2020. Sponsored by Reps. Will Hurd (R-Tex) and Robin Kelly (D-Ill), the law was made to establish that the government purchases only secure devices and closes existing vulnerabilities. The legislation mostly affects U.S. federal government applications, vendor partners, equipment manufacturers and stakeholders that deal with the federal government. However, this law has the potential to have ripple effects that extend beyond security safeguards for government entities, with those in the private industry and consumers more than likely also benefiting from new connected device standards.

Malware takes different shapes and forms. Some malware is immediately damaging. Think about an all-encompassing ransomware attack that locks up all of your data, for example. Other types of malware sneaks in without being noticed. Sneaky, insidious malware can lead to long-term financial consequences and, even worse, reputational damage. It is arguably more dangerous than obvious malware that alerts you to its presence.

In a symphony orchestra, instruments harmonize to create one pleasing sound. Similarly, enterprise IT procedures orchestrate to introduce new systems to production, monitoring, and maintenance processes. IT automation with kernel live patching ensures this beautiful music sounds the same every time and never stops.