KernelCare Blog

SOC 2 is an audit framework that gives organisations a trusted way to verify their controls for protecting, securing and utilizing data. One of the key criterion for SOC 2 certification is Privacy. SOC 2 regulations state that, in order to obtain a Privacy certification, a company must operate in such a way that “personal information is collected, used, retained, disclosed, and disposed” in line with the company’s standards and goals. SOC 2 is deeply concerned with systems. Here’s where KernelCare is important. 

 

Read More

The furore around Zombieload obscured the fact that there are two other MDS-related side channel attacks on the loose. All are weaknesses in Intel x86 microprocessors, and all are worrying. One of these other two is RIDL, short for “Rogue In-Flight Data Load.” RIDL can be exploited by attackers to leak data from the vulnerable CPU’s internal buffers (chunks of allocated memory used to store and load data). These leakages can include such critical information as passwords and personal data. 

 

Read More

SOC 2 matters. Once you get certified, you can prove to businesses that you’re able to secure sensitive customer data in the cloud. This makes them much more likely to do business with you. More and more, SOC 2 certification is a must-have for any cloud computing enterprise. Learn more about SOC 2 in our blog. 

Read More

As with any other MDS Side Channel Attack, Fallout exposes the flaw in how most people protect their Linux kernels. In reaction to Fallout, Intel shipped microcode updates, and various providers rolled out OS and hypervisor updates. But the only way to actually apply these updates is by rebooting the new kernel. But with Kernelcare, you can install the micro-code and kernel patch TODAY with no reboot. 

Read More

At KernelCare, we've known about SOC 2 for some time. We've had customers tell us that our Linux kernel live patching product helped them with their compliance certification efforts. Although KernelCare doesn't handle customer data, we thought we should follow the good example set by our SOC 2-certified customers and become compliant. We would get to know our customers' use-cases better, and improve as a company.

So, I'm excited, and a little nervous, to share with you the start of our own SOC 2 compliance journey. I will share more as we progress.

Read More

An embedded Linux refers to a scenario where an embedded system runs on an operating system based on the Linux kernel. This Linux distribution will be specifically designed for an embedded system; it will have a smaller size than normal, possessing fewer features and less processing power. Learn more in this blog.

Read More