Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Containers

Cloud invaders: Spotting compromised users before it's too late

Identities have become one of the most common ways modern threat actors gain a foothold in the cloud. From stolen credentials to overly permissive roles and privilege escalation, attackers use a range of tactics to exploit identities and use them to launch devastating breaches. Once inside your environment, they can move laterally, exploit resources, or steal sensitive data, leaving security teams scrambling to contain the damage.

Kubernetes Secrets: How to Use Them Securely

Storing sensitive values is a problem as old as software itself. In 2016, Uber experienced a massive data breach that exposed 57 million users’ personal information—all traced back to a hardcoded AWS credential discovered in a GitHub repository. While we have successfully established that hardcoding secrets such as API keys and passwords is bad practice, correctly storing them is a different story, and the issues from 2016 are still prevalent today (8 years later…).

Bridging the Gap Between VMs and Containers

Traditionally, containers and VMs have operated in separate silos, each with distinct management tools and workflows. OpenShift Virtualization breaks down these barriers, allowing VMs to run alongside containerized applications as native Kubernetes resources. This offers organizations the flexibility to modernize their application stacks incrementally, leveraging existing VM-based workloads while embracing the agility of containers.

LLMjacking targets DeepSeek

Since the Sysdig Threat Research Team (TRT) discovered LLMjacking in May 2024, we have continued to observe new insights into and applications for these attacks. Large language models (LLMs) are rapidly evolving and we are all still learning how best to use them, but in the same vein, attackers continue to evolve and grow their use cases for misuse.

Improving Kubernetes Security: Lessons from an Istio Configuration Finding

As a part of our ongoing work to secure cloud computing infrastructure, we delved into the inner workings of some popular Kubernetes add-ons. Our first subject of research was Istio, a popular service mesh add-on. Istio is an open-source service mesh for Kubernetes that manages communication between microservices. It provides traffic management, security, and observability features without requiring code changes.

Seamless Migration from RKE to RKE2 with CloudCasa - A SUSE Partner Solution

As the Kubernetes landscape continues to evolve, there is often the need to adapt to newer, more robust distributions. SUSE has announced the end of life of RKE (Rancher Kubernetes Engine) in favor of RKE2, a Kubernetes distribution designed with enhanced security, resilience, and scalability. For organizations running workloads on RKE, this shift marks an important milestone—but it also raises questions about how to migrate workloads safely and efficiently.

Experience Frictionless Access Without Sacrificing Security

Are you tired of hitting roadblocks just when you need to make critical updates? You’re rushing to resolve an issue, only to realize you’ve lost access to the Kubernetes cluster or database you need. You file a ticket, wait for IT approval, and hope it doesn’t take days—while your deadline looms. Sound familiar?

MySpace? Your security

In the early 2000s, one of the hardest choices many of us faced online was selecting our MySpace “Top 8” — the ultimate public display of friendship. Choosing which friends to feature required serious thought, some strategic prioritization, and let’s be honest — risking a few hurt feelings. I wonder if Tom still thinks about the impossible position he created for a generation of young internet users.