Containers

A Closer Look at Falco CVE-2019-8339

May 13, 2019 By Mark Stemm In Sysdig

Recently, a member of the Falco community privately disclosed a capacity related vulnerability which, under circumstances where a malicious actor has already gained access to your system, could allow the actor to further bypass Falco’s detection of abnormal activity. The final details are still being worked out, but we believe the CVE will be classified as Medium severity according to the CVSS methodology.

Read Post

Sysdig

Read more about A Closer Look at Falco CVE-2019-8339

Falco 0.15.0 Released

May 13, 2019 By Michael Ducy In Sysdig

We are happy to announce the release of Falco 0.15.0. This release incorporates a number of improvements, as well as bug fixes, and rules updates. This release also includes a mitigation for CVE-2019-8339, and all users are encouraged to update to this release. You can find more details about the features and improvements in the release notes, but below are a few highlights.

Read Post

Sysdig

Read more about Falco 0.15.0 Released

MITRE ATT&CK framework for container runtime security with Sysdig Falco

May 10, 2019 By Pawan Shankar In Sysdig

MITRE ATT&CK is a comprehensive knowledge base and complex framework of over 200 techniques that adversaries may use over the course of an attack. While MITRE’s full ATT&CK framework is publicly available, it can be characterized into 3 key elements.

Read Post

Sysdig

Read more about MITRE ATT&CK framework for container runtime security with Sysdig Falco

Centralized vs. Distributed Authorization: The CAP Theorem

May 8, 2019 By Tim Hinrichs In Styra

One of the best parts of working on the Open Policy Agent at Styra is that we get to help people design authorization systems for both their platform and their custom applications. The other day we were talking someone through the design tradeoffs of authorization for their application, and the first decision they had to make was whether they wanted a centralized authorization system or a distributed authorization system. Both OPA and Styra support either, so we have no real bias.

Read Post

Styra

Read more about Centralized vs. Distributed Authorization: The CAP Theorem

Sysdig Secure: Overview of Policies

Apr 22, 2019 By Sysdig In Sysdig

Review of Policies in Sysdig Secure for runtime protection in a container based environment.

View Video

Sysdig

Read more about Sysdig Secure: Overview of Policies

Sysdig Secure: Working with Policies

Apr 22, 2019 By Sysdig In Sysdig

Walkthrough of how policies are defined in Sysdig Secure through scoping, alerting and defined actions to be taken, based on Falco rules. Covers whitelisting/blacklisting policies by containers, processes, network traffic, file system I/O and system calls.

View Video

Sysdig

Read more about Sysdig Secure: Working with Policies

Sysdig Secure: Policy Events

Apr 22, 2019 By Sysdig In Sysdig

Review of Policy Events in Sysdig Secure, showcasing our fast methodology to identify a service, host or container operating in runtime that is generating undesirable or nefarious activity defined by the events policy.

View Video

Sysdig

Read more about Sysdig Secure: Policy Events

Why RBAC is not Enough for Kubernetes Security

Apr 18, 2019 By Tim Hinrichs In Styra

Kubernetes isn’t (just) fun and games anymore. It’s being rolled out for production; it’s mission-critical; and all the security and compliance rules and regulations of the old world need to somehow be retrofitted onto Kubernetes. Unfortunately, the old tools for access control like RBAC simply aren’t up to the challenge.

Read Post

Styra

Read more about Why RBAC is not Enough for Kubernetes Security

Cloud Native visibility and security with Sysdig Platform

Apr 17, 2019 By Sysdig In Sysdig

Sysdig Platform v2.0 is the first tool that provides unified visibility across your microservices, containers and Kubernetes; By unlocking rich sources of data, our platform solves a ton of the issues you’ll face in operating modern applications.

View Video

Sysdig

Read more about Cloud Native visibility and security with Sysdig Platform

NIST SP 800-190 application container security with Sysdig Secure

Apr 17, 2019 By Pawan Shankar In Sysdig

In September 2017, the National Institute of Standards and Technology (NIST) released Special Publication (SP) 800-190, Application Container Security Guide. NIST SP 800-190 explains the security concerns associated with container technologies and recommendations for the image details and container runtime security. It provides prescriptive details for various sections including image, registry, orchestrator, container and host OS countermeasures.

Read Post

Sysdig

Read more about NIST SP 800-190 application container security with Sysdig Secure

Subscribe to Containers

Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Containers

A Closer Look at Falco CVE-2019-8339

Falco 0.15.0 Released

MITRE ATT&CK framework for container runtime security with Sysdig Falco

Centralized vs. Distributed Authorization: The CAP Theorem

Sysdig Secure: Overview of Policies

Sysdig Secure: Working with Policies

Sysdig Secure: Policy Events

Why RBAC is not Enough for Kubernetes Security

Cloud Native visibility and security with Sysdig Platform

NIST SP 800-190 application container security with Sysdig Secure

Monthly Archive

Follow Us