Compromising a pod in a Kubernetes cluster can have disastrous consequences on resources in an AWS Elastic Kubernetes Service (EKS) account if access to the Instance Metadata service is not explicitly blocked. The Instance Metadata service is an AWS API listening on a link-local IP address. Only accessible from EC2 instances, it enables the retrieval of metadata that is used to configure or manage an instance.
Sysdig is pleased to support AWS today in their GA launch of Bottlerocket, a special-purpose operating system designed for hosting Linux containers. Orchestrated container environments run potentially hundreds of compute nodes. Operating general-purpose Linux on container hosts introduces complexity for IT teams who must patch and update packages across their clusters. Worse, features and packages that are not necessary for running containers, introduce unnecessary security exposure.
Attackers were quick to exploit the COVID-19 pandemic, with coronavirus-themed phishing campaigns, Trojans delivering ransomware and backdoors, and other scams. Netskope Threat Labs have been keeping a close eye on the threat landscape and tracking COVID-related campaigns throughout this unprecedented time.
According to its own website, FedRAMP serves three different of partners: federal agencies, Cloud Service Providers (CSP) and third-party assessment organizations. This article will focus on CSPs and how a good CSP can provide services that provide monetary savings for your agency.
Imagine you’ve protected your production Google Cloud environment from compromised credentials, using MFA and a hardware security key. However, you find that your GCP environment has been breached through the hijacking of OAuth session tokens cached by gcloud access. Tokens were exfiltrated and used to invoke API calls from another host. The tokens were refreshed by the attacker and did not require MFA. Detecting the breach via Stackdriver was confusing, slowing incident response.
Cloud storage has become mainstream. It is one of the fastest-growing segments of IT spending and an indispensable tool for many modern businesses. However, not enough is being done to secure data residing in the cloud. According to Gartner, 90% of organizations that fail to control public cloud use will share information inadvertently or inappropriately through 2025. Almost all cloud security failures will be due to the cloud customer, not the service provider.
Recently I participated in a webinar with Toks Oladuti (Netskope customer, and senior IT security manager at the international law firm Herbert Smith Freehills), and my colleague Neil Thacker (Netskope’s CISO EMEA). The conversation was hosted by Janet Day, a long-time technology consultant to the legal industry. During the webinar, we touched on a lot of topics and I was particularly interested to hear Toks’ stories of HSF’s journey to the cloud.
“Ev, do you have time later today to discuss the new web GUI for the command line terminal?” said the Slack message. It came from Alex, our user experience chief and the product in question is the SSH client. Part of me was worried. The command line environment had a sanctuary where I found peace and happiness away from the world of browser-based tools.
