Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Containers

Vulnerability: runc process.cwd and leaked fds container breakout (CVE-2024-21626)

Snyk has discovered a vulnerability in all versions of runc <=1.1.11, as used by the Docker engine, along with other containerization technologies such as Kubernetes. Exploitation of this issue can result in container escape to the underlying host OS, either through executing a malicious image or building an image using a malicious Dockerfile or upstream image (i.e., when using FROM). This issue has been assigned the CVE-2024-21626.

Leaky Vessels: Docker and runc container breakout vulnerabilities (January 2024)

Snyk security researcher Rory McNamara, with the Snyk Security Labs team, identified four vulnerabilities — dubbed "Leaky Vessels" — in core container infrastructure components that allow container escapes. An attacker could use these container escapes to gain unauthorized access to the underlying host operating system from within the container.

Troubleshooting DNS issues in Kubernetes: Investigate and reduce NXDOMAIN (domain does not exist) responses

NXDOMAIN, indicating the non-existence of a queried domain, poses significant challenges within Kubernetes, impacting application functionality, service communication, and overall cluster stability. Investigating NXDOMAIN responses in Kubernetes is vital for sustaining the reliability, performance, and security in a containerized environment.

Runtime Is The Way

The cloud security market has been totally bizarre ever since it started. Why are we being given a python script to count our workloads? How do we handle sending alerts like “new unencrypted database” to a SOC? What’s the difference between this tool and the open source options? We’re all learning together about the new processes, tools, and deployments that would define the future.

Threat Detection on a Cloud-Native Attack Surface

Public cloud infrastructure is, by now, the default approach to both spinning up a new venture from scratch and rapidly scaling your business. From a security perspective, this is a brand new (well, by now more than a decade old) attack surface. “Attack surface” is a commonly used term that denotes the aggregate of your exploitable IT estate, or all of the different pathways a hacker might be able to use to gain access to your systems, steal your data, or otherwise harm your business.

Enhancing container security: A comprehensive overview and solution

In the rapidly evolving landscape of technology, containers have become a cornerstone for deploying and managing applications efficiently. However, with the increasing reliance on containers, understanding their intricacies and addressing security concerns has become paramount. In this blog, we will delve into the fundamental concept of containers and explore the crucial security challenges they pose.

SEC's Cyber Wake-up Call: The Evolving Role of the CISO (LIVE)

Join us for a LinkedIn Live panel discussion between industry experts Matt Stamper (CEO, Executive Advisors Group LLC), Colleen Lam (General Counsel, Sysdig), and Andrew Thorpe (Partner at Gunderson Dettmer and former Special Council at the SEC), as they dissect the seismic shifts in the cybersecurity landscape post the SEC's updated guidelines and the Solarwinds complaint.

Sysdig Stands Alone: GigaOm Names Sysdig a Leader and Outperformer for Cloud Workload Security

If you follow cloud security, you know the market can be challenging to navigate, as security needs are often complex, span multiple teams, and demand new processes to pair with the expanding roster of technologies Fortunately, the market is starting to mature and coalesce around unifying cloud security technologies that bring together visibility across cloud infrastructure, containers, hosts, and identities.