Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Containers

Escaping a Docker container

Nov 10, 2022 By Sysdig In Sysdig
Escaping a docker container can get you access to the whole linux host, so it's a precious technique for a cyber attack. But it's also valuable for defenders: hacking docker containers to get a breakout is a fun way to better understand a vulnerability and how to better protect from these exploits! In this hands on video, we look at three real life scenarios where you can actually break out from a docker container.
View Video
sysdig

Using Sysdig Secure to Detect and Prioritize Mitigation of CVE 2022-3602 & CVE 2022-3786: OpenSSL 3.0.7

Nov 10, 2022 By Daniella Pontes In Sysdig

The awaited OpenSSL 3.0.7 patch was released on Nov. 1. The OpenSSL Project team announced two HIGH severity vulnerabilities (CVE-2022-3602, CVE-2022-3786), which affect all OpenSSL v3 versions up to 3.0.6. These vulnerabilities are remediated in version 3.0.7, which was released Nov. 1. The vulnerabilities fixed include two stack-based buffer overflows in the name constraint checking portion of X.509 certificate verification.

Read Post
styra

3 OPA Trends from Cloud Native Policy Day at KubeCon + CloudNativeCon

Nov 9, 2022 By Peter O'Neill, Jr. In Styra

This year’s KubeCon + CloudNativeCon NA featured new and exciting updates from the open source community, and we also hosted our own event, Cloud Native Policy Day with OPA, hosted by Styra. At Cloud Native Policy Day, we were fortunate to host a full roster of Open Policy Agent (OPA) luminaries from leading companies to speak at our event, and we wanted to share some high-level takeaways from their talks– each of which showcased unique ways of using OPA.

Read Post
sysdig

How to deal with ransomware on Azure

Nov 8, 2022 By Nigel Douglas In Sysdig

Let’s dig deeper into the techniques used by attackers and the mitigations you should implement when ransomware on Azure affects you. By now, we should all be aware of ransomware from the constant news articles associated with this known threat. As we explained in the anatomy of a cloud attacks, ransomware is a way for attackers to make money when they gain control of your accounts through data encryption, therefore restricting your access to the system.

Read Post
tigera

3 container security best practices to strengthen your overall security posture

Nov 8, 2022 By Ratan Tipirneni In Tigera

Container environments are highly dynamic and require continuous monitoring, observability, and security. Since container security is a continuous practice, it should be fully integrated into the entire development and deployment cycle. Implementing security as an integral part of this cycle allows you to mitigate risk and reduce the number of vulnerabilities across the dynamic and complex attack surface containers present.

Read Post
teleport

A Simple Overview of Authentication Methods for Kubernetes Clusters

Nov 7, 2022 By Tiago Silva In Teleport

Kubernetes is a very complex product where creating and managing clusters requires a great deal of knowledge on a wide range of topics. The introduction of managed clusters brought simplicity to the process allowing users to focus on extracting the most out of the system. One of the areas of most interest and different configurations is authentication and authorization. In authentication, the main objective, and most critical of all, is to ensure the identity and validity of users and machines.

Read Post

Teleport Kubernetes Demo | Setup, RBAC, Event Auditing

Nov 4, 2022 By Teleport In Teleport
In this video, we'll look at how to manage Kubernetes access with Teleport. We'll set up a Teleport cluster, securely add a Kubernetes cluster to be managed in Teleport, do a deep dive on controlling access to Kubernetes with Teleport's RBAC system, and end with an overview of Teleport's built-in auditing capabilities.
View Video

Copyright © 2024 OpsMatters™. All rights reserved.