As cloud-native technologies continue to converge with traditional networking in the data center and enterprise, understanding how Kubernetes, Cilium and eBPF work is crucial for network engineers. Hybrid mesh firewalls are the latest trend, and distributed firewalls (like Cisco's Hypershield) are emerging in the market.

With a lot of good news around Cisco Secure Firewalls recently, we decided to put them to the test, ATC style!

Learn how Cortex XDR secures the future by rewiring security operations.

As cloud-native technologies continue to converge with traditional networking in the data center and enterprise, understanding how Kubernetes, Cilium and eBPF works is crucial for network engineers. With hybrid mesh firewalls being the latest trend, and distributed firewalls (like Cisco's Hypershield) emerging in the market. Understanding how Kubernetes transforms traditional IP networking concepts into a dynamic, software-defined environment is crucial. This article demystifies Kubernetes security, making it accessible for network engineers familiar with ACLs and VLANs. You may think this doesn't apply to you, but if you're planning a firewall refresh anytime soon, then these concepts will need to be part of your vernacular going forward.

Zero trust shifts from traditional network defenses to nuanced, controlled security, but integrating legacy systems and creating precise access policies pose significant challenges. Success requires strategic planning and collaboration, balancing security with usability. The journey to Zero Trust demands foresight, technical rigor and commitment to a resilient security posture.

Network Access Control (NAC) is vital for organizations to secure networks and ensure compliance with regulatory frameworks like HIPAA, PCI-DSS and GDPR. By enforcing identity-based access, network segmentation and real-time monitoring, NAC mitigates cyber threats, prevents data breaches and maintains regulatory adherence, future-proofing organizational security.

As part of the "Grizzled CyberVet: Practical Cybersecurity" collection, we examine the MITRE ATT&CK framework. We simplify and explain this framework used by attackers to compromise your digital ecosystem.

Network security has evolved rapidly, with the field now embracing zero trust, AI-driven defenses and integrated platforms. The next five years will see AI, SASE and quantum-resistant cryptography reshape the landscape. Enterprises must consolidate tools, adopt AI automation and prioritize identity-first security to stay ahead of increasingly sophisticated cyber threats. Secure your future now.

At its core, eBPF Programs are at the heart of how eBPF views and controls traffic. The eBPF technology is composed of bytecode that the kernel executes in response to specific events (a.k.a event-driven execution). Meaning the eBPF programs can be attached to various hook points in the kernel, allowing them to run in response to a specific event in the kernel. There's a lot of possibilities that stem from this event-driven execution. So many in fact, that eBPF was dubbed by Brendan Gregg as "superpowers for Linux!"

As cloud-native technologies continue to converge with traditional networking in the datacenter and enterprise, understanding how Kubernetes, Cilium and eBPF works is crucial for network engineers. With hybrid mesh firewalls being the latest trend, and distributed firewalls (like Cisco's Hypershield) emerging in the market. Understanding how Kubernetes transforms traditional IP networking concepts into a dynamic, software-defined environment is crucial. This article demystifies Kubernetes observability, making it accessible for network engineers familiar with Logging and NetFlow. You may think this doesn't apply to you, but if your planning a firewall refresh anytime soon, then these concepts will need to be apart of your vernacular going forward.

Securing the "front door" of your organization is a great start, but if you don't secure the whole house it's just a false sense of security.

In the third installment of the "Grizzled CyberVet: Practical Cybersecurity" collection, we compare and contrast the Cybersecurity Kill Chain and MITRE ATT&CK Framework.