Around 20 years ago I had the privilege of joining a young company that invented the Firewall – Check Point. I learned most of my networking knowledge and skills at Check Point and, at that time, I was involved in the high end, rapidly evolving internet. This might be the reason why I truly believe that network security must be a layer in the overall security strategy. A few years ago, I came back to Check Point as a cloud security product manager.
As you may have heard, a massive breach of Microsoft Exchange servers was revealed in the last several weeks. The attack is not over yet. We can always wait for another attack and blame another vendor, but when it comes to Microsoft, well, who can we rely on after that? SolarWinds, Centreon and now Microsoft Exchange… With almost 80% enterprise market share, the Exchange holds the biggest secrets of our times, and now nobody knows where they went.
Kubernetes secrets are the nativere sources for storing and managing sensitive data, like passwords, cloud access keys, or authentication tokens. You need to distribute this information across your Kubernetes clusters and protect it at the same time. When sending your password to each node in your cluster, it’s critical to ensure that only authorized entities—users, services, or workloads—are able to access it.
As a product manager, I am always concern about the value my customers will get from the product, and this is my main focus. In order to achieve this, I often meet with customers and talk about pain points, problems,offer a solution, see how the product can help. In the past few years, one of the items that get raised in these discussions is not related to any pain pointor feature requirement, it is the attachment method when dealing with K8s security.
Enabling enclaves-based security is key for enterprise cloud adoption General availability of Nitro Enclaves, recently announced by AWS, is Amazon’s way of delivering confidential computing to its customers. Following similar announcements by Microsoft Azure and Google Cloud, AWS announcement further confirms growing demand for additional runtime protection of customer’s data and other intellectual properties.
The latest exploit in the series of issues with cloud infrastructure software is called “ContainerDrip” (CVE-2020-15157)and in some cases it can cause you to leak your registry secrets to an attacker. The attack is actually a kind of secret or password leak using request forgery. Your client unintentionally makes an HTTP API request to the attacker’s endpoint where this request contains the container image registry secret.
CVE-2020-14386 is yet another severe vulnerability that was recently discovered in the Linux kernel. It reminds us that the fight against vulnerabilities is not over. This particular one allows a regular application to escalate its privileges and gain root access to the machine. Indeed, it sounds scary.
In its latest announcement of Traffic Director’s support for gRPC Proxyless services in service mesh Google addresses the well-known (yet less spoken of) trade offs for using sidecars to handle networking on behalf of your applications.
Leonid Sandler, Co-Founder and CTO of Cyber Armor, set for an interview with Safety Detective’s Aviva Zacks on the inspiration behind the company.
