If you’re using GKE (Google Kubernetes Engine), you should be extremely cautious when adding roles to the system:authenticated group because anyone with a Gmail account can access your cluster.
Snyk helps software-driven businesses develop fast and stay secure. Continuously find and fix vulnerabilities for npm, Maven, NuGet, RubyGems, PyPI and more.
Server hardening refers to the actions performed to reduce the server OS and application attack surface. This is done by changing the default configurations of the system’s components (servers, applications, etc.) and removing unnecessary components. Out of the box, server operating systems are oriented toward functionality rather than security, which means that unnecessary functions are enabled. Default, insecure configurations represent a potential attack vector.
A correlation between ATT&CK Mitigations and CIS Controls, often termed a ‘high-level’ mapping, showcases the count of mapped ATT&CK (Sub-)Techniques within each ATT&CK Mitigation. Additionally, it provides the total number of ATT&CK (Sub-)Techniques associated with the respective ATT&CK Mitigation. MITRE ATT&CK mapping accurately and consistently maps adversary behaviors relevant to ATT&CK techniques as part of cyber threat intelligence (CTI).
ARMO’s new feature revolutionizes Kubernetes vulnerability scanning based on eBPF technology to help Kubernetes and DevSecOps practitioners focus on fixing the vulnerabilities that impact their security posture the most.
Happy New Year! Close on the heels of our December update, we are back again with our first major release of 2024. It packs quite a few improvements in user experience as well as a major change to our service plans. Read on for more details.
In this Tech Tip Tuesday video we share how to securely store secrets like API keys or other credentials as environment variables. To do this we use the python dotenv project to store secrets in a .env file and load them into local memory. Subscribe for more tech tips, on Tuesdays and other days.
User Account Control (UAC) plays a crucial role in Windows security by mitigating the risk of malware. It accomplishes this by restricting the capacity of malicious code to run with administrator privileges. The CIS benchmark 2.3.17 for User Account Control (UAC) specifically addresses the security configuration settings related to UAC on Windows operating systems. We will discuss in this blog CIS benchmarks for.
Attackers are always after your source code! Source code is very leaky and often contains sensitive information like secrets (API keys or credentials).