The integration of cloud-native technologies like Kubernetes with public cloud platforms like Amazon EKS has ushered in a new era of scalable and efficient application deployments. However, this combination brings forth unique security challenges, especially concerning container images. Enter Calico Cloud’s Image Assurance – a comprehensive tool designed to bolster the security of your containerized applications on Amazon EKS.
Imagine you have a perfectly working Kubernetes cluster, and when everything seems on course, you get an “ImagePullBackOff” error. Although this is a popular issue in Kubernetes, understanding and troubleshooting the root cause can be a real headache. Kubernetes is an open-source container orchestration platform originally developed by Google.
Amazon’s Elastic Kubernetes Service (EKS) is a popular managed Kubernetes option that allows customers to benefit from both an offloaded Kubernetes management plane, and the wide range of services that AWS offers. Managed or unmanaged, securing cluster traffic is always critical and, although AWS Security Groups can secure the cluster nodes, securing pod traffic requires something closer to the application data-path.
Securing your Kubernetes environment and workloads is paramount in today’s digital landscape. Calico is the industry’s only active security platform with full-stack observability for containers and Kubernetes. Calico prevents, detects, troubleshoots, and automatically mitigates exposure risks of security breaches across multi-cluster, multi-cloud, and hybrid deployments.
On October 11 a new version of curl (8.4.0) was released, where a couple of new vulnerabilities were fixed (CVE-2023-38545 with severity HIGH and CVE-2023-38546 with severity LOW). These issues were previously announced in the project’s discussion. At the time of this blog, there have been several proof of concepts released for CVE-2023-38545 which result in crashes, but not exploitation.
As organizations adopt Microsoft AKS at scale, they need to enforce namespace or even workload-based isolation for better security and compliance. This isolation, often referred to as microsegmentation, can help prevent the lateral movement of threats inside Kubernetes clusters, achieve compliance by limiting communication across workloads or namespaces, and enable multi-tenancy by limiting communication.
Docker has revolutionized how developers work by offering a powerful platform for creating, shipping, and running container applications. It helps developers conquer the complexity of application development and significantly increases software shipping frequency. Despite setbacks in recent years, Docker brings home $50 million in revenue every year, driven by the ongoing demand for new applications.
Kubernetes is an open-source platform for governing clusters of containerized application services. Kubernetes automates the vital aspects of container lifecycle management, including scaling, replication, monitoring, and scheduling. The central component of Kubernetes is a cluster, which is itself made up of multiple physical or virtual machines.
Recently, Qualys discovered and reported a critical vulnerability affecting the popular GLIBC ecosystem, which is installed by default on most Linux-based operating systems. Specifically, a buffer overflow was found in the code responsible for handling special environment variables during the startup of a process which can result in a local privilege escalation. Fortunately, exploitation of this vulnerability can be detected by Falco.
To combat the growing threat of identity attacks, organizations need to adopt a proactive approach that goes beyond traditional security measures. Identity Threat Detection and Response (ITDR) is one such approach that focuses on monitoring and responding to suspicious activities related to user identities and access management. ITDR solutions can help organizations spot unusual patterns, such as multiple failed login attempts, access from unusual locations, or abnormal behavior within the system.
