Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Latest Posts

NEW: ARMO Platform Introduces Auto-Generation of Seccomp Profiles

We are thrilled to announce the latest enhancement to ARMO Platform: Seccomp Profiles Leveraging eBPF. This feature uses eBPF to take the guesswork out of creating seccomp profiles. Thus, benefiting from the added security seccomp profiles provide, without the risk of “breaking” applications.

ARMO's new security-boosting summer cocktail: Layered Vulnerability Scanning, SBOM View, and new Auto-Generated Network Policies

This summer ARMO is proud to announce a batch of new features designed to enhance your cloud security posture. We developed groundbreaking capabilities for in-depth vulnerability scanning, simplified vulnerability management with SBOM view, and streamlined network policy generation for two popular CNIs, Calico and Cilium.. We invite you to explore these new features and discover how they can add to your organization’s security. Let’s go.

CVE-2024-7646: Ingress-NGINX Annotation Validation Bypass - A Deep Dive

Attention: a new Kubernetes vulnerability was uncovered by André Storfjord Kristiansen (@dev-bio on GitHub) and it demands immediate attention from security professionals and DevOps teams. CVE-2024-7646, affecting the popular ingress-nginx controller, allows malicious actors to bypass annotation validation and potentially gain unauthorized access to sensitive cluster resources. This vulnerability has been assigned a CVSS v3.1 base score of 8.8 (High).

Runtime anomaly detection in Kubernetes: enhancing security through context-aware profiling

Runtime anomaly detection is fast becoming a critical component for protecting containerized environments. Recent advancements in this field are addressing long-standing challenges and introducing innovative approaches to enhance security posture.

Unraveling the State of Kubernetes Security in 2024

We explored the Red Hat State of Kubernetes security report 2024, one of our favorite yearly reports. It’s jam-packed with incredibly fascinating information about one of our favorite subjects—Kubernetes security. Imagine that! In this post we’ll review some of the more interesting data points and contrast them with results from prior years. We’ll also discuss our own perspectives and observations on how this affects you as a Kubernetes user.

eBPF use cases

What is eBPF and how can it be used within the Kubernetes environment? In the dynamic world of container orchestration, where speed and adaptability are a must, eBPF, short for Extended Berkeley Packet Filter, has changed how developers interact with kernels within Kubernetes environments. At its core, eBPF crosses traditional boundaries, offering a programmable and secure in-kernel execution environment that empowers developers to use custom code without the need for modifications to the kernel itself.

The Kubernetes gap in CNAPP - exploring why many CNAPPs have a Kubernetes gap

A guest post by James Berthoty, founder of Latio. CSPMs and CNAPP have a major gap, and unfortunately, it drives the majority of your cloud that actually matters (Kubernetes). To be frank, most CNAPPs were created around two things: Even the early players in the space who recognized the value of containerization found themselves too ahead of the market to support the giant funding opportunities present from their competition, who were focused on easily scanning every cloud workload that could exist.

regreSSHion: RCE Vulnerability in OpenSSH Server (CVE-2024-6387)

A high-severity remote code execution (RCE) vulnerability has been found in OpenSSH’s server (CVE-2024-6387) by the research team of Qualys. This issue is especially concerning because it brings back a problem that was originally fixed in 2006, showing that one of the most popular secure software still has hidden bugs. This discovery follows another major vulnerability found in the XZ Utils library just a few months ago, highlighting ongoing security challenges.