Sign up for our newsletter! →

HanByte

An Overview of Container Security for FedRAMP

Hanabyte blog, HanaByte, FedRAMP, Containers

In this article, we will explore container vulnerability scanning, frame the vulnerability management requirements in a FedRAMP context, and provide commentary on the new FedRAMP PMO updates to container scanning requirements for cloud service providers (CSPs).

A Look at the Modernizing FedRAMP Memo

hanabyte blog, FedRAMP, HanaByte

The White House Office of Management and Budget (OMB) released a draft memorandum with the goals of enhancing the Federal Risk and Authorization Management Program, widely known as FedRAMP. In this blog post, we will go through a brief background on FedRAMP, then dive into the details of the OMB memo, and what it means for the future of FedRAMP.

From AFT to ATO, AWS Native FedRAMP Compliance through Terraform (Part 1)

hanabyte blog, aws account factory, decoupling security data, snowflake

The complexity of achieving a FedRAMP status in this sea of ever-growing cloud architectures, often led us and customers to the same conclusion: new accounts! Why go through the process of updating the entirety of their current architecture, when we only need resources in the authorization boundary to be compliant?

Understanding Google Chrome’s Manifest V3

Google Chrome, Manifest V3, Hanabyte blog, hanabyte

Written By Understanding Google Chrome’s Manifest V3 Google Chrome is a cross-platform web browser developed by Google in 2008 for accessing the World Wide Web and running Web-based applications and is currently dominating as the most popular web browser at 65.84% market share. Google Chrome extensions are one of the most beloved and implemented features […]

An Introduction to OSCAL

Hanabyte blog, OSCAL, eric evans,

Written By An Introduction to OSCAL The Open Security Controls Assessment Language (OSCAL) is a set of data formats that is used to express machine-readable representations of control catalogs, baselines, and security documentation. It is important to recognize that OSCAL is not a tool, but instead a language. Using OSCAL allows us a data interchange […]

CISA: A Quick History

hanabyte blog, CISA, cybersecurity infrastructure security agency, hanabyte

Written By Get to Know CISA Perhaps one of the least understood aspects of information technology is cybersecurity. Despite constant reports of major hacks and data breaches affecting millions of Americans, there are still organizations that either practice poor security habits/protocols or neglect responsibility altogether. At one point, it could be argued this even extended […]