Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

armo

CVE-2022-23648 - Arbitrary Host File Access from containers launched by containerd CRI and its impact on Kubernetes

Mar 29, 2022 By Leonid Sandler In ARMO
Recently discovered vulnerability - CVE-2022-23648 - in containerd, a popular container runtime, allows especially containers to gain read-only access to files from the host machine. While general container isolation is expected to prevent such access, in Kubernetes, it is especially dangerous because well-known and highly sensitive files are stored in known locations on the host.
Read Post
teleport

How to Configure SSO for AWS Resources with Okta and SAML

Mar 29, 2022 By Janakiram MSV In Teleport

This blog is part of a series on how to provide identity-based access to AWS resources. In the first tutorial, we saw how to set up an identity-aware AWS bastion host using the OSS solution, Teleport. In this blog, we will expand the scenario to use a single-sign-on (SSO) authentication mechanism to issue certificates to specific groups of users to access AWS resources.

Read Post
Snyk

Building a secure GraphQL API with Node.js

Mar 29, 2022 By Lawrence Eagles In Snyk

GraphQL provides security straight out of the box with validation and type-checking. However, it doesn’t fully address security concerns around APIs. In this article, we’ll learn how to secure GraphQL APIs by building a simple Node.js application using Fastify and GraphQL. According to its official documentation, GraphQL is a graph query language for APIs and a runtime for fulfilling those queries with our data.

Read Post

Security at ServiceNow (feat. Karl Klaessig) - The Big Fix 2022 by Snyk

Mar 29, 2022 By Snyk In Snyk
Karl Klaessig, Director of Product Marketing and Security Operations at ServiceNow joins Randall Degges, Head of Developer Relations and Community at Snyk to discuss security challenges and how they approach them at ServiceNow. The Big Fix brought together developers, DevOps, and security practitioners of all skill levels to help make the internet more secure through a month of fixing vulnerabilities, ending in a 24-hour livestream event.
View Video
CloudCasa

How CloudCasa Helps Organizations Address Data Protection Weaknesses in Kubernetes

Mar 29, 2022 By CloudCasa In CloudCasa

In a recent episode of TFiR Let’s Talk, Swapnil Bhartiya sat down with Sathya Sankaran, Chief Operating Officer at CloudCasa by Catalogic, to discuss how the Kubernetes ecosystem is shifting and how CloudCasa is helping organizations address the data protection weaknesses in Kubernetes and cloud-native infrastructure and adopt these new technologies.

Read Post
CalCom

How to mitigate PetitPotam NTLM Relay Attack

Mar 27, 2022 By John Gates In CalCom
The latest Windows versions are compatible with NTLM and default NTLM implementation necessitates Active Directory. Microsoft has shared instructions on mitigating PetitPotam a type of NTLM relay attack that is used against Windows domain servers or controllers. Microsoft has referred to it as the ‘classic’ NTLM (ADV210003) relay attack allowing an attacker to take over domain controller or other Windows servers.
Read Post
CalCom

What is Cybersecurity Maturity Model Certification 2.0 (CMMC 2.0)?

Mar 27, 2022 By John Gates In CalCom
The DoD or Department of Defense of the United States of America implements the CMMC or Cybersecurity Maturity Model Certification to standardize or normalize the overall preparedness for cybersecurity across the DIB (Defense Industrial Base) of the federal government against evolving threats.
Read Post

How to Mitigate Risks in Software Supply Chain Security

Mar 24, 2022 By Snyk In Snyk
In this session, Mic McCully and Jake Williams explore the software supply chain as an attack vector – by identifying risks and mitigation strategies throughout the software development processes and environment. Watch this to learn how you can meet new requirements and protect your software from these attacks. Snyk helps software-driven businesses develop fast and stay secure. Continuously find and fix vulnerabilities for npm, Maven, NuGet, RubyGems, PyPI and more.
View Video
Snyk

Improving coverage of cloud resources to reduce infrastructure drift

Mar 23, 2022 By Stephane Jourdan In Snyk

As developers, we need maximum visibility of what’s actually running in our cloud environments, in order to keep them secure. Infrastructure as code (IaC) helps developers automate their cloud infrastructures, so what’s deployed to the cloud is under control and can easily be audited. But achieving and maintaining 100% IaC coverage of your infrastructure has many challenges.

Read Post

Copyright © 2026 OpsMatters™. All rights reserved.