ESG Brief: The Role of DevSecOps in Automating Application Container  Security

Abstract:

The rapid adoption of application containers is creating a new set of cybersecurity challenges and, as a result, an expanded set of requirements for server workload security solutions. Research conducted by ESG shows that containers are moving quickly into production with a side effect of sprawl, as previously experienced by IT departments with the advent of virtual machines. Exploit attacks experienced by many organizations have created concerns about how application container environments—including registry-resident images and orchestration platforms—expose a new set of software, configuration, and access vulnerabilities. ESG research also reveals a strong interest in automating security via DevOps (“DevSecOps”) and shows how these practices allow cybersecurity and operations teams to integrate security in each stage of the continuous integration and continuous delivery (CI/CD) pipeline that governs the build-ship-run phases of the container lifecycle.

Topics: Cybersecurity Systems Management AWS re:Invent

ESG Brief: Spotlight on GDPR and Its Effects on Data Protection

Abstract:

The deadline for organizations to comply with GDPR (General Data Protection Regulation) has passed, and many organizations still don’t feel that they’re ready. The regulation has many implications for organizations’ data protection and security policies and procedures. The process of bringing your organization in line with the regulation will have many benefits beyond mere compliance, allowing you to improve your data classification, security, data privacy, and customer relationships.

This brief is free for download, compliments of the data protection team at ESG.

Topics: Data Protection GDPR