Containers

Cloud Native visibility and security with Sysdig Platform

Apr 17, 2019 By Sysdig In Sysdig

Sysdig Platform v2.0 is the first tool that provides unified visibility across your microservices, containers and Kubernetes; By unlocking rich sources of data, our platform solves a ton of the issues you’ll face in operating modern applications.

View Video

Sysdig

Read more about Cloud Native visibility and security with Sysdig Platform

NIST SP 800-190 application container security with Sysdig Secure

Apr 17, 2019 By Pawan Shankar In Sysdig

In September 2017, the National Institute of Standards and Technology (NIST) released Special Publication (SP) 800-190, Application Container Security Guide. NIST SP 800-190 explains the security concerns associated with container technologies and recommendations for the image details and container runtime security. It provides prescriptive details for various sections including image, registry, orchestrator, container and host OS countermeasures.

Read Post

Sysdig

Read more about NIST SP 800-190 application container security with Sysdig Secure

Announcing the Sysdig Cloud-Native Visibility + Security Platform 2.0

Apr 9, 2019 By Apurva Dave In Sysdig

Today we’re announcing version 2.0 of the Sysdig Cloud-Native Visibility + Security platform. It provides a more powerful and significantly simpler way for enterprises to see the health, risk, and performance of their cloud-native environments in a single unified view.

Read Post

Sysdig

Read more about Announcing the Sysdig Cloud-Native Visibility + Security Platform 2.0

Understanding "container security"

Apr 8, 2019 By Rich Langston In AT&T Cybersecurity

Do you docker? Without a doubt, containers are one of the hottest concepts in application delivery and security these days. And that’s a very good thing. Containers have tremendous advantages over the way we have done things in the past. But how should containers influence a threat detection and response strategy? Do I need a larger “container security” strategy to get started deploying my apps using container architectures?

Read Post

AT&T Cybersecurity

Read more about Understanding "container security"

What Your Kubernetes Security Checklist Might Be Missing

Apr 5, 2019 By Jim Bugwadia In Tigera

New technologies often require changes in security practices. What is remarkable about containers and Kubernetes, is that they also provide the potential for enhancing and improve existing security practices. In this post, I will share a model that we use at Nirmata to help customers understand security concerns and plan Kubernetes implementations that are secure.

Read Post

Tigera

Read more about What Your Kubernetes Security Checklist Might Be Missing

Zero Trust Security: Supporting a CARTA approach with Continuous Monitoring

Mar 28, 2019 By Tigera In Tigera

Learn how to support a continuous adaptive risk and trust assessment (CARTA) approach leveraging accurate Kubernetes flow logs. 5-tuple logging is commonly used to monitor and detect anomalies and produces unreliable data that cannot accurately identify anomalies nor prove enforcement of security policies.

View Video

Tigera

Read more about Zero Trust Security: Supporting a CARTA approach with Continuous Monitoring

Container compliance for Docker and Kubernetes

Mar 22, 2019 By Sysdig In Sysdig

Container compliance for Docker and Kubernetes is an essential part of enterprise security. It’s important for your environments, no matter where they reside, to remain compliant with industry regulation and/or company security policy.

View Video

Sysdig

Read more about Container compliance for Docker and Kubernetes

Detecting and preventing cgroups escape via SCTP - CVE-2019-3874

Mar 22, 2019 By Harry Perks In Sysdig

This week CVE-2019-3874 was discovered which details a flaw in the Linux kernel where an attacker can circumvent cgroup memory isolation using the SCTP socket buffer. In containerised environments, this has the potential for a container running as root to create a DoS.

Read Post

Sysdig

Read more about Detecting and preventing cgroups escape via SCTP - CVE-2019-3874

The Myth of a Single Container Security Solution

Mar 20, 2019 By Christopher Liljenstolpe In Tigera

A proper container security strategy involves evaluating all components in the system.

Read Post

Tigera

Read more about The Myth of a Single Container Security Solution

Detecting the Kubernetes API Server DoS Vulnerability (CVE-2019-1002100)

Mar 19, 2019 By Kaizhe Huang In Sysdig

Recently, a new Kubernetes related vulnerability was announced that affected the kube-apiserver. This was a denial of service vulnerability where authorized users with write permissions could overload the API server as it is handling requests. The issue is categorized as a medium severity (CVSS score of 6.5) and can be resolved by upgrading the kube-apiserver to v1.11.8, v1.12.6, or v1.13.4.

Read Post

Sysdig

Read more about Detecting the Kubernetes API Server DoS Vulnerability (CVE-2019-1002100)

Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Containers

Cloud Native visibility and security with Sysdig Platform

NIST SP 800-190 application container security with Sysdig Secure

Announcing the Sysdig Cloud-Native Visibility + Security Platform 2.0

Understanding "container security"

What Your Kubernetes Security Checklist Might Be Missing

Zero Trust Security: Supporting a CARTA approach with Continuous Monitoring

Container compliance for Docker and Kubernetes

Detecting and preventing cgroups escape via SCTP - CVE-2019-3874

The Myth of a Single Container Security Solution

Detecting the Kubernetes API Server DoS Vulnerability (CVE-2019-1002100)

Monthly Archive

Follow Us