What is automated compliance?

Working in cyber security we’re all familiar with the need for IT compliance and know that organizations processing sensitive information (e.g. hospitals, banks) must adhere to a set of rules, standards, and processes protecting customer and user information. However as…

Read More

Approved CloudPassage module now on PuppetForge

We’re proud to announce that CloudPassage has joined Puppet’s Technology Alliance Partner Program (TAPP). Joining this program is part of an initiative to best serve our customers who use Puppet as their orchestration tool for securing their dynamic cloud and…

Read More

Security considerations in a DevOps pipeline – part 2

As we discussed in our first post in this series, with DevOps methodologies the goal is to speed up deployment using automation while increasing the predictability and manageability of the development cycle. Too often though, security is left for last,…

Read More

Rapid transformation in computing – IaaS market trends

We are currently witnessing a huge transformation in how computing is done, with on-premises infrastructure being steadily and rapidly replaced by cloud infrastructure. If smartphones were the technology story of the last decade, then Infrastructure-as-a-Service (IaaS) may very well be…

Read More

Vulnerability: CVE-2017-6074 Linux Kernel DCCP double free

On Friday February 17th, 2017 the Linux Kernel team released a patch for a double-free vulnerability in the Linux kernel. On Wednesday February 22nd, 2017 the bug was revealed to the oss-sec mailing list. This Privilege Escalation vulnerability is a…

Read More