ADMIN Network & Security

Security can seem like a comedy of errors, in that you have host-based firewalls, an intrusion detection system (IDS), an intrusion prevention system (IPS), security information and event management (SIEM), and mobile device management (MDM); you use network address translation (NAT), require a virtual private network (VPN) for remote connectivity, keep all your systems updated, keep an application safe list and a deny list, encrypt your in-flight and at-rest data, require frequent and complex password changes, read reams of CVEs, and track every possible vulnerability in the known galaxy. Yet, some unwitting user clicks on an email attachment that somehow made it through your spam filter and botches the entire network with malware that sends you and the rest of the IT staff scrambling for days. Yes, that’s the life…

Palo Alto Networks Introduces Cortex Cloud Palo Alto Networks has released Cortex Cloud, which merges Prisma Cloud with Cortex CDR. This new version offers cloud detection and response capabilities along with AI-powered prioritization, automated remediation, and a simplified user experience. According to the announcement, “Cortex Cloud identifies and prioritizes issues across the entire development pipeline with end-to-end context across code, runtime, cloud and newly introduced third-party scanners.” “Cortex Cloud identifies high-risk threats with precision using Cortex XDR’s best-in-class CDR agent, which achieved industry-leading results in the most recent MITRE ATT&CK testing,” says Elad Koren (https://www.paloaltonetworks.com/blog/2025/02/announcing-innovations-cortex-cloud/), VP of Product Management, Prisma Cloud in a related blog post. Read more at Palo Alto Networks: https://www.paloaltonetworks.com/cortex/cloud. Canonical to Provide 12 Years of Kubernetes Support Canonical is committing to 12 years of security maintenance…

Anonymization and pseudonymization of data Data anonymization and pseudonymization are not just technical approaches but should be key factors in every organization’s data protection strategy. Whereas anonymization aims to modify personal data such that the data subject cannot be identified, pseudonymization aims to make identification more difficult by replacing identifiers with pseudonyms. These techniques are particularly relevant in the context of Europe’s General Data Protection Regulation (GDPR), which stipulates strict requirements for the handling of personal data, requiring businesses to implement robust mechanisms that ensure both data integrity and data protection. Implementing anonymization and pseudonymization techniques is technically demanding and poses numerous challenges, including ensuring data quality and usefulness after anonymization and providing protection against re-identification risks. At the same time, these techniques offer immense opportunities, particularly with a view…

Zulip, Mattermost, and Rocket.Chat Spurred on by the huge success of tools such as WhatsApp and Telegram, increasing numbers of business users are now showing an interest in chat services as an alternative to email for internal company communication. Tools, bots, and plugins that integrate other applications directly into the chat forums are also useful. Office staff can discuss current business cases with coworkers in the team chat while a bot from the ticket system feeds information on currently open tickets and processing status. Slack is currently one of the most popular chat services for businesses, partly because it integrates with more or less any commercially available business application and tool. However, as with all cloud applications, you must be careful: Confidential company communications end up somewhere in the Amazon…

Post-Quantum Cryptography with TutaCrypt Quantum computing represents a seismic shift in technology, promising breakthroughs in numerous fields. But for cryptography, quantum computers are a looming threat. Experts are well aware that traditional asymmetric encryption methods are at risk from quantum algorithms such as Shor’s algorithm [1], which efficiently factorizes large numbers and could theoretically break RSA and elliptic curve cryptography (ECC). For symmetric encryption techniques such as AES, the quantum algorithm known as Grover’s algorithm [2] halves the effective key length, thus requiring longer keys to maintain security. The looming end of conventional cryptography has caused mathematicians to search for a new kind of encryption that will resist quantum attacks. In order to succeed in the post-quantum world, a new generation of cryptographic algorithms will need to avoid the dependence…

Serverless applications with OpenFaaS In the rapidly evolving world of software development, one of the most transformative shifts in recent years has been the rise of serverless computing. This approach allows developers to focus on building and deploying code without having to worry about the underlying infrastructure. Open-FaaS (function as a service) [1] is a popular open source framework that enables serverless functions on any infrastructure, including public cloud environments, private data centers, or even on-premises Linux servers. Environment Setup Before diving in, ensure you have the following prerequisites in place: ◼ Ubuntu Server: an on-premises machine or cloud virtual machine (VM) running Ubuntu (20.04 LTS or later is recommended) with sudo privileges.◼ Kubernetes cluster: OpenFaaS runs on Kubernetes, so you need access to a Kubernetes cluster.◼ Docker: to build and…