Operational resiliency is a topic of rising importance in the security community. Unplanned events, much like the one we are facing today, are reminders of how organizations can be prepared to respond to a cyberattack. Ian Coldwater and I explored a variety of options in my episode of Afternoon Cyber Tea with Ann Johnson.
Ian Coldwater is a Kubernetes containers and cloud infrastructure specialist with a background in penetration testing and DevOps. In their role as a consultant, Ian has helped companies bridge the gaps between security and DevOps. It was a real pleasure to discuss what Ian has learned in these roles, and I think you’ll find our discussion valuable.
During our conversation, Ian and I talked about threat modeling and how to best protect your crown jewels. We also explored what it means to bring security into DevOps. Hint: it’s about more than just new tooling. And, we demystified Kubernetes. Do you wonder which projects are a good fit for Kubernetes, and which are not? Are you concerned about how to keep Kubernetes containers secure? Take a listen to Building operational resiliency in a digital work on Afternoon Cyber Tea with Ann Johnson for actionable advice that you can apply to your own SecDevOps organization.
In this important cyber series, I talk with cybersecurity influencers about trends shaping the threat landscape in these unprecedented times, and explore the risk and promise of systems powered by artificial intelligence (AI), Internet of Things (IoT), and other emerging tech.
You can listen to Afternoon Cyber Tea with Ann Johnson on:
In the meantime, bookmark the Security blog to keep up with our expert coverage on security matters. Also, follow us at @MSFTSecurity for the latest news and updates on cybersecurity. Or reach out to me on LinkedIn or Twitter if you have guest or topic suggestions.
The main components of the Microsoft Intune Suite are now generally available. Read about how consolidated endpoint management adds value and functionality for security teams.
To confidently secure identity and access at your organization, here are five areas Microsoft recommends prioritizing in the new year.
User containment is a unique and innovative defense mechanism that stops human-operated attacks in their tracks. We’ve added user containment to the automatic attack disruption capability in Microsoft Defender for Endpoint. User containment is automatically triggered by high-fidelity signals and limits attackers’ ability to move laterally within a network regardless of the compromised account’s Active Directory state or privilege level.
The threat actor that Microsoft tracks as Storm-0324 is a financially motivated group known to gain initial access using email-based initial infection vectors and then hand off access to compromised networks to other threat actors. These handoffs frequently lead to ransomware deployment. Beginning in July 2023, Storm-0324 was observed distributing payloads using an open-source tool […]
