Compliance efforts can feel like a challenging endeavor in most organizations. Engineering teams routinely don’t understand how often-confusing requirements will actually make the organization more secure. Sometimes, even the words that define compliance requirements can be hard to comprehend. The entire exercise can feel overwhelming, like being on …

Identity and access management (IAM) can seem like a gentle hill at first. It’s not too difficult to manage, assigning logins and passwords, and granting access control based on a person’s job in an organization. However, that gentle hill can shift as you start to configure IAM …

Monitoring microservices in the cloud has become an increasingly cumbersome exercise for teams struggling to keep pace with developers’ rapid application release velocity. One way to make things easier for overloaded security teams is to use the open-source runtime security platform Falco to quickly identify suspicious behavior in Linux …

Dev : "I need that library's functionality for the new feature!" Sec : "I can't approve it if I don't know that it's safe to deploy!" Dev : "And when will we know?" Sec : "My queue is 11 weeks long...." The most contentious conversations between security and development teams often involve the …