MITRE | The Blog Pros

October 27, 2021

The Shifting Cloud-Native Landscape: Understanding Kubernetes Compliance and Security Frameworks

There’s a reason why Kubernetes (K8s) has become the world’s leading container orchestration platform, with 74% of today’s IT companies using it for containerized workloads in production. It’s often the simplest way to handle container configuration, deployment, and management at scale. But while Kubernetes has made use of containers easier, it has also added complexities when it comes to security.

Kubernetes’ default configurations don’t always provide optimal security for all workloads and microservices deployed. Plus, today you are responsible not only for defending your environment against vicious cyberattacks but also for meeting a wide variety of compliance requirements.

February 13, 2020

Avoiding Vulnerabilities in Software Development

With data breaches on the rise, creating and maintaining secure software is vital to every organization. Although not all attacks can be anticipated or prevented, many can be avoided by eliminating vulnerabilities in software. In this article, you’ll learn about some of the most common software vulnerabilities and how to avoid these issues. You’ll also learn some general best practices for ensuring that your software and data remain secure.

Addressing Common Software Vulnerabilities

The vulnerabilities below are just a few of those identified in MITRE’s 2019 CWE Top 25 Most Dangerous Software Errors list. Many of these issues continue to be included in software despite being widely known and used by attackers.

Build an Advanced RAG App: Query Rewriting
No categories
In the last article, I established the basic architecture for a basic RAG app. In case you missed that, I recommend that you first read that article. That will set the base from which we can improve our RAG system. Also in that last article, I listed s... […]
Contexts in Go: A Comprehensive Guide
No categories
Contexts in Go provide a standard way to pass metadata and control signals between goroutines. They are mainly used to manage task execution time, data passing, and operation cancellation. This article covers different types of contexts in Go and examp... […]
Next-Gen Lie Detector: Stack Selection
No categories
The first lie detector which relied on eye movement appeared in 2014. The Converus team together with Dr. John C. Kircher, Dr. David C. Raskin, and Dr. Anne Cook launched EyeDetect — a brand-new solution to detect deception quickly and accurately. This... […]
Applying the Pareto Principle To Learn a New Programming Language
No categories
In this article, I will discuss how you can apply the Pareto principle to quickly learn a new programming language and start solving real-world problems while you develop a deeper understanding of the programming language. What Is the Pareto Principle?... […]
Enhance IaC Security With Mend Scans
No categories
Whether on the cloud or setting up your AIOps pipeline, automation has simplified the setup, configuration, and installation of your deployment. Infrastructure as Code(IaC) especially plays an important role in setting up the infrastructure. With IaC t... […]