Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Sysdig today announced that it has achieved Amazon Web Services (AWS) Security Competency status. This crucial designation recognizes the value provided by the Sysdig Secure DevOps Platform to AWS customers to achieve their container and cloud security goals. As a key partner for the ecosystem, Sysdig collaborates closely with AWS and its customers to enhance the protection of cloud infrastructure and applications against continuously evolving security threats.

This week, Linux maintainers and vendors disclosed a heap overflow vulnerability in the Linux Kernel. The vulnerability has been issued a Common Vulnerability and Exposures ID of CVE-2022-0185 and is rated as a High (7.8) severity. The flaw occurs in the Filesystem Context system when handling legacy parameters. An attacker can leverage this flaw to cause a DDoS, escape container environments, and elevate privileges.

The increasing number of yearly reported data breaches and new critical vulnerabilities, such as log4j, impacting both small and large businesses shows that cyberthreats are real and targeting everyone. You can minimize risk by implementing runtime security and having an incident response plan in place to contain attacks. But, in container environments, responding fast to incidents is challenging.

Our security research team will explain a real attack scenario from the black box and white box perspective on how a vulnerable AWS Lambda function could be used by attackers as initial access into your cloud environment. Finally, we show the best practices to mitigate this vector of attack. Serverless is becoming mainstream in business applications to achieve scalability, performance, and cost efficiency without managing the underlying infrastructure.

In the early days of 2022, two extremely popular JavaScript open source packages, colors.js, and faker.js, were modified to the point of being unusable. The reason for this event can be traced to various motivations, but what is worth mentioning is that several applications that employed those dependencies were involved. The two impacted packages can be used for different purposes in JavaScript applications. colors.js enables color and style customization in the node.js console.

Microsoft Azure is a great choice for enterprises looking to quickly build and deploy apps to the cloud. However, cloud teams must simultaneously consider how to implement DevSecOps practices to reduce, manage and avoid risks. Sysdig is collaborating with Microsoft to simplify cloud and container security and deliver robust SaaS-based solutions for the Azure ecosystem.

As infrastructures and workloads transition to cloud and teams adopt a CI/CD development process, there is a new paradigm shift: infrastructure is becoming code. This approach of treating infrastructure as code (IaC) is incredibly powerful, brings us many advantages, and enables transformative concepts like immutability. We define infrastructures in a declarative way and version them using the same source code control tools (in particular git) that we use for our application code.

If you are here, chances are that your pet is always running around, destroying things in your sweet house. We will show you how to enrich Falco security through a smart plugin that may not stop your pet from bad behavior, but will at least warn you when it does misbehave! Out of the box, Falco is denoted as the cloud-native runtime security project. Recently though, it gained support for plugins, in other words, shared libraries that provide external event sources. What does that mean?

The situation involving the log4j ( log4shell ) vulnerability has been rapidly evolving since its release a little over a week ago. A new exploit, CVE-2021-45046, was found which was not covered by the initial 2.15.0 patch. Not long after the 2.16.0 patch was released, another issue was found, CVE-2021-45105, which resulted in the release of 2.17.0. There is clearly a lot going on in the log4j library.