#Issue54
3 posts

3 steps toward improving container security


  • Vet the use of code from online sources. Use discovery tools to manage and scale up containers securely with runtime protection.
  • Focus on how you build access rules and permissions. Understand the level of granularity needed right from day one to build this.
  • Harden the container host with policies to prevent resource abuse. Use access control groups, and run containers with read-only images.
  • Secure content inside containers by limiting the Linux OS features running within them.
  • Enforce image source integrity protection to track content changes and determine who made them.

Full post here, 5 mins read

Five strategies to remove single points of DNS failure


  • Stay aware of trends that can compromise the 13 root name servers.
  • Choose a top-level domain that is more likely to stay up under large-scale attacks or software faults, is unlikely to change hands, and has significant investment in infrastructure.
  • Choose a DNS provider that uses Anycast and is large and scalable; use a different company to service your endpoints.
  • Keep track of expiration dates of domains and SSL certificates.
  • Don’t couple your endpoints and DNS zone control in one provider.

Full post here, 11 mins read

Secure databases in complex backend systems with these 5 best practices


  • Keep application and database servers on different physical machines, with a high-performance host for the apps & high-level security for databases.
  • Set up web application firewalls, and anti-malware & anti-ransomware solutions for the database server and review them regularly. Turn off any services not frequently used.
  • Encrypt data residing on servers with a private key and also encrypt before transit.
  • Limit the number of users accessing the database. Allow access only when required. Maintain and monitor activity logs. Keep database credentials hashed and salted.
  • Patch the OS and third-party software, APIs and plug-ins using the latest versions. Remove or deactivate unused apps.
  • Schedule regular backups and use a database proxy to accept requests only from trusted sources.

Full post here, 6 mins read