Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Containers

sysdig

Understanding and mitigating CVE-2020-8563: vSphere credentials leak in the cloud-controller-manager log

Oct 16, 2020 By Kaizhe Huang In Sysdig

While auditing the Kubernetes source code, I recently discovered an issue (CVE-2020-8563) in Kubernetes that may cause sensitive data leakage. You would be affected by CVE-2020-8563 if you created a Kubernetes cluster over vSphere, and enabled vSphere as a cloud provider with logging level set to 4 or above. In that case, your vSphere user credentials will be leaked in the cloud-controller-manager‘s log.

Read Post
teleport

How to Set Up Kubernetes SSO with SAML

Oct 15, 2020 By Virag Mody In Teleport

Kubernetes has some impressive baked-in role based access controls (RBAC). These controls allow administrators to define nuanced permissions when querying Kubernetes resources, like Pods, Deployments, ReplicaSets, etc. For those familiar with Kubernetes, the value of RBAC is immediately recognizable. A single Kubernetes cluster can contain your organization’s entire CI/CD pipeline, highly available SaaS products, or infrastructure that is in the process of being moved to the cloud.

Read Post
sysdig

K3s + Sysdig: Deploying and securing your cluster... in less than 8 minutes!

Oct 13, 2020 By Dan Papandrea In Sysdig

As Kubernetes is eating the world, discover an alternative certified Kubernetes offering called K3s, made by the wizards at Rancher. K3s is gaining a lot of interest in the community for its easy deployment, low footprint binary, and its ability to be used for specific use cases that the full Kubernetes may be too advanced for. K3s is a fully CNCF (Cloud Native Computing Foundation) certified Kubernetes offering.

Read Post

Extending Your Fortinet FortiManager to Kubernetes

Oct 13, 2020 By Tigera In Tigera
Tigera and Fortinet have joined forces to solve this operational challenge. With the combination of FortiManager and Calico Enterprise, you gain access control and full visibility into the container environment along with centralized management. In this webinar, you will learn how Calico Enterprise and FortiManager enable you to.
View Video
Featured Post
outpost 24

Container Inspection: Walking The Security Tightrope For Cloud DevOps

Oct 9, 2020 By Sergio Loureiro In Outpost 24
Containers are at the forefront of software development creating a revolution in cloud computing. Developers are opting for containerization at an impressive rate due to its efficiency, flexibility and portability. However, as the usage of containers increases, so should the security surrounding it. With containers comprising of many valuable components it is of the utmost importance that there are no vulnerabilities exposed when developing applications, and risks are mitigated before containers, and their contents, reach the end-user.
Read Post
tigera

Extend Your Fortinet FortiManager to Kubernetes

Oct 7, 2020 By John Armstrong In Tigera

Companies are leveraging the power of Kubernetes to accelerate the delivery of resilient and scalable applications to meet the pace of business. These applications are highly dynamic, making it operationally challenging to securely connect to databases or other resources protected behind firewalls.

Read Post
styra

Using Open Policy Agent to safeguard Kubernetes

Oct 6, 2020 By Tim Hinrichs In Styra

Open Policy Agent addresses Kubernetes authorization challenges with a full toolkit for integrating declarative policies into any number of application and infrastructure components. As more and more organizations move containerized applications into production, Kubernetes has become the de facto approach for managing those applications in private, public and hybrid cloud settings.

Read Post

Calico and K8s Network Policies - An Overview and Comparison

Oct 6, 2020 By Tigera In Tigera
In an age where attackers are becoming more and more sophisticated, network security as a line of defense is more important than ever. Network Policy is the primary tool for securing a Kubernetes network. It allows you to easily restrict the network traffic in your cluster so only the traffic that you want to flow is allowed. In this training session, we will go over the core concepts in Kubernetes Network Policies and Calico Network Policies. Compare and contrast between the two models, and highlight when to use one versus the other.
View Video

CNCF Webinar: Critical DevSecOps considerations for Multicloud Kubernetes

Oct 2, 2020 By Sysdig In Sysdig
The distributed nature of Kubernetes has turned both legacy infrastructure and traditional cybersecurity approaches on their heads. Organizations building cloud-native environments in their own data centers grapple with operationalizing and scaling Kubernetes clusters, and then ensuring system-wide security from the infrastructure layer all the way up to each container. In this webinar, you’ll hear from two cloud-native experts in infrastructure and security who will offer up valuable insights on.
View Video

CNCF Webinar: Getting started with container runtime security using Falco

Oct 2, 2020 By Sysdig In Sysdig
Protect Kubernetes? As Kubernetes matures, security is becoming an important concern for both developers and operators. In this talk, Loris Degioanni (CTO and Founder @Sysdig) will give an overview of cloud native security, discuss its different aspects, with particular focus on runtime, and explain what inspired the development of Falco, the CNCF container security project. Through demonstration, he will educate the CNCF community on the ways Falco is being used for real-world workloads. Lastly, he will share the latest on Falco’s adoption, maturation within CNCF and what’s on the horizon.
View Video
Subscribe to Containers

Copyright © 2024 OpsMatters™. All rights reserved.