A short while ago, we gave you an update on our SOC2 compliance journey.
We're happy to tell you that we've passed a small but significant landmark on that road: we've just been become a SOC2 Type I compliant.
At KernelCare, we've known about SOC 2 for some time. We've had customers tell us that our Linux kernel live patching product helped them with their compliance certification efforts. Although KernelCare doesn't handle customer data, we thought we should follow the good example set by our SOC 2-certified customers and become compliant. We would get to know our customers' use-cases better, and improve as a company.
So, I'm excited, and a little nervous, to share with you the start of our own SOC 2 compliance journey. I will share more as we progress.
As part of our expansion into Asia-Pacific markets, we're happy to announce a new partnership with GDEP Solutions, a leading DevOps and OSS company based in Tokyo.
Netflix has a new hit on its hands. They’ve discovered new Linux kernel vulnerabilities and describe how a properly formed TCP network packet can cause the kernel to panic or slow down. There are three kinds. Two affect Linux kernels. (The other is for FreeBSD so won’t be described further.) All are dangerous because they can be executed remotely.
Our KernelCare webinars on live patching technology and applications are growing in popularity.
So, we’re happy to tell you about another. As before, this one is in partnership with a technical architect from Amazon Web Services. And we’ve invited a prominent and established KernelCare customer from the insurance sector, Efinity.
KernelCare, the multiplatform Linux kernel live patching solution, now validated by VMware for customers of VMware Cloud on Amazon Web Services (AWS).
Vulnerabilities are becoming like celebrities, with freaky names and their own websites.
The latest ones to hit the scene are Zombieload, RIDL and Fallout, also known as Microarchitectural Data Sampling, (MDS for short), discovered by Intel and researched by academic departments at security-focused institutions around the world. These vulnerabilities are in the same vein as Spectre and Meltdown, being design flaws that reveal data. Zombieload is particularly worrying because it affects all Intel Core and Xeon CPUs manufactured since 2011.
Organizations use cloud services like AWS to be more agile and more profitable. This doesn’t stop them spending millions of dollars on cybersecurity, investing in network defense and end-point protection, hiring consultants, and purchasing threat intelligence reports.
But companies still get hacked, and still suffer data breaches and server compromises, often traceable to out-of-date software, either at the application level, or in the OS itself.
At KernelCare, we strive to make our IT products well engineered, beautifully designed, and simple to use. That’s why we couldn’t be more proud to be named as the exclusive advanced technology partner for Linux Kernel Live Patching. It truly is a testament to our mission.