Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Containers

tigera

Zero trust in the cloud: Best practices and potential pitfalls

Oct 25, 2022 By Ratan Tipirneni In Tigera

Architecturally speaking, cloud-native applications are broken down into smaller components that are highly dynamic, distributed, and ephemeral. Because each of these components is communicating with other components inside or outside the cluster, this architecture introduces new attack vectors that are difficult to protect against using a traditional perimeter-based approach.

Read Post
armo

How to validate Kubernetes YAML files?

Oct 20, 2022 By Bezalel In ARMO
Kubernetes has taken center stage in how we now manage our containerized applications. As a result, many conventions to define our Kubernetes apps exist, including structures such as YAML, JSON, INI, and more. This leaves us to consider what is the best strategy to follow for our applications. Additionally, we must then also ask how we can validate our application configurations depending on the path we’ve chosen in terms of file structure and especially security.
Read Post
sysdig

Detecting and mitigating CVE-2022-42889 a.k.a. Text4shell

Oct 19, 2022 By Alessandro Brucato In Sysdig

A new critical vulnerability CVE-2022-42889 a.k.a Text4shell, similar to the old Spring4shell and log4shell, was originally reported by Alvaro Muñoz on the very popular Apache Commons Text library. The vulnerability is rated as a critical 9.8 severity and it is always a remote code execution (RCE) which would permit attackers to execute arbitrary code on the machine and compromise the entire host.

Read Post

Sysdig Talks 2022 Threat Landscape (Live)

Oct 18, 2022 By Sysdig In Sysdig
Is your organization ready to pay an additional $430,000 cloud bill as a result of cryptojacking? The Sysdig Threat Research Team recently released the 2022 Sysdig Cloud-Native Threat Report, which details the cost of cryptojacking, the reality of software supply chain risks, and how hacktivism has become a prominent feature in cyber warfare. While the motives of hackers have not changed, they have adjusted their attack patterns and tactics to penetrate cloud environments more effectively. Fortify your cloud by understanding the current threat landscape and identifying defense strategies.
View Video

JFrog Advanced Security

Oct 18, 2022 By JFrog In JFrog
Introducing JFrog Advanced Security, the world’s first DevOps-centric security solution designed to control and protect your software supply chain from code to containers to production. As part of JFrog Xray and integrated into the universal JFrog DevOps Platform, these security features focus at the binary level, revealing issues that are not visible in source code alone. These new features go beyond the traditional software composition analysis (SCA) capabilities of JFrog Xray, with a focus on container security.
View Video
styra

Pod Security Policy Deprecation: In Memoriam

Oct 13, 2022 By Danny Baier In Styra

As you probably know by now, PodSecurityPolicy has been deprecated from Kubernetes for over a year, since the release of Kubernetes 1.21. In short PSP was an admission controller that let cluster managers control security by managing pod-specific policy. Like most other admission controllers, PSP could specify requirements one must meet to enter a pod, and deny any requests which don’t meet that requirement. In rare cases, PSP could also modify pod fields, changing requirements for access.

Read Post
sysdig

Image scanning for GitLab CI/CD

Oct 12, 2022 By Dale Rodriguez In Sysdig

Scanning a container image for vulnerabilities or misconfigurations on your GitLab CI/CD using Sysdig Secure is a straightforward process. This article demonstrates a step-by-step example of how to do it. The following proof of content showcased how to leverage the sysdig-cli-scanner with GitLab CI/CD. Although possible, this procedure is not officially supported by Sysdig, so we recommend checking the documentation to adapt these steps to your environment.

Read Post
Snyk

Secure your application from Argo CD to Kubernetes

Oct 12, 2022 By JJ Ng, Pas Apicella In Snyk

GitOps is a popular framework for managing and securing the application development pipeline. For many who have embarked on a GitOps journey, a common question is: “how can I secure my pipeline when everything is automated?” The GitOps framework is a concept where any code commits or changes are done through Git, which then triggers an automated pipeline that builds and deploys applications on Kubernetes.

Read Post

Copyright © 2024 OpsMatters™. All rights reserved.