Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Containers

Threats targeting Kubernetes and Defences

Jun 11, 2021 By Tigera In Tigera
Attackers are continuously evolving their techniques to target Kubernetes. They are actively using Kubernetes and Docker functionality in addition to traditional attack surfaces to compromise, gain required privileges and add a backdoor entry to the clusters. A combination of Kubernetes security and observability tools is required to ensure the cloud infrastructure monitoring and lockdown and to enable DevSecOps teams with the right tools for the job.
View Video

Securing Kubernetes workloads at Discover Financial Services

Jun 11, 2021 By Tigera In Tigera
It’s a daunting task starting down the path to securing your workloads running on Kubernetes in the Cloud. There are no shortages of vendors with great tools in the Cloud security space. There is a multitude of domains that must be accounted for, along with internal challenges in bringing an organization along into new ways of thinking. This talk will focus on Discover’s Cloud security journey, with an overview of how the program has evolved over the last 4 years, key capabilities & concepts that have been embraced and challenges faced.
View Video

The Crossroad of Security & Observability in Kubernetes: A Fireside Chat

Jun 11, 2021 By Tigera In Tigera
Security as an afterthought is no longer an option and must be deeply embedded in the design and implementation of the products that will be running in the cloud. It is increasingly more critical for many security teams to be almost, if not equally, knowledgeable of the emerging and rapidly evolving technology. Join Manish Sampat from Tigera, as explores the topic in detail with Stan Lee from Paypal.
View Video
styra

K8s Admission Control vs RBAC

Jun 9, 2021 By Tim Hinrichs In Styra

Today, if you’re running Kubernetes, you know that security is not “built-in.” To secure your clusters, you have to configure, add or build in additional controls. Some are part of Kubernetes, like role-based access control (RBAC), but other best practices include specifying trusted repositories for known-good containers and then layering in runtime scanning tools as well.

Read Post
Snyk

Recapping DockerCon 2021 with Snyk: Red Ventures, Docker container security, and more

Jun 9, 2021 By Sarah Conway In Snyk

DockerCon 2021 brought containerization experts together to discuss all things Docker, from building containerized applications and running container images to improving container security. In this post, we’ll recap a live panel discussing how container security fits into the new cloud native era, how Red Ventures scaled container security scanning with Snyk, and ways to make vulnerability remediation easier.

Read Post
sysdig

Automated Falco rule tuning

Jun 9, 2021 By Eric Lugo In Sysdig

We recently released the automated Falco rule tuning feature in Sysdig Secure. Out-of-the-box security rules are a double-edged sword. On one side, they allow you to get started right away. On the other, it can take many working hours to learn the technology, configuration, and syntax to be able to customize the rules to fit your applications. Falco’s default security rules are no different.

Read Post
tigera

CVE-2021-31440: Kubernetes container escape using eBPF

Jun 9, 2021 By Manoj Ahuje In Tigera

In a recent post by ZDI, researchers found an out-of-bounds access flaw (CVE-2021-31440) in the Linux kernel’s (5.11.15) implementation of the eBPF code verifier: an incorrect register bounds calculation occurs while checking unsigned 32-bit instructions in an eBPF program. The flaw can be leveraged to escalate privileges and execute arbitrary code in the context of the kernel.

Read Post

Copyright © 2024 OpsMatters™. All rights reserved.