In this video we continue our examination of Linux namespaces by looking at some details of how the PID namespace can be used to isolate a container’s view of processes running on the host, and how this feature can be used for troubleshooting container problems. To learn more read our blog on Datadog’s Security Labs site.

Vulnerability Prioritization: Looking at CVSSv4.

Vulnerability Management always starts from… a list of vulnerabilities. But where does this list come from? How do you know what software an organization is using? SBOM is a way to describe all this. It’s a data model, a format, used by a broad ecosystem helping manage vulnerabilities and more.

Account takeover happens when someone tries to steal a user account. Any service offering authentication can face it since an attacker just has to test pairs of users and passwords. Zack Allen joins us to share his experience protecting organizations that faced massive account take over, describes the criminal and financial motivation of attackers, their methods to hide, and how they move from a database leak to a compromised account. We show the tools that attackers most commonly use. Eventually, we discuss how to detect and protect your organization around account take over.

00:00 Intro: welcome Chris!

03:05 Trends in cloud security, reflected at fwd:cloudsec

05:00 fwd:cloudsec submissions - more practitioners needed!

10:40 Blurring the lines: what does that practically means?

19:30 Cloud service providers maturity: their security posture evolved

24:30 Public Cloud Security Breaches

30:01 Public Cloud Security Breaches demo

32:35 the Last Pass attack deep dive

38:00 Identify the crown jewels!

One of the technologies used by Linux containers to provide an isolated environment, is namespaces. They are used to provide a contained process with an isolated view of different Linux resources. In this video we look at some of the details of how Linux namespaces work and then take a more detailed look at the mount namespace which isolates a processes' view of its filesystem.

Resource Catalog provides visibility and security context directly to DevOps in the same platform they are already using every day to monitor their infrastructure. As a result, DevOps teams no longer have to react to a laundry list of security threats. Instead, they are armed with the insight to vigilantly detect security misconfigurations and reduce the mean time to remediation so that their security posture is strengthened.

When you want to secure containerized environments, it’s important to understand the details of how they work. In this video we’ll take a look at the idea that containers are just processes and how you can use Linux tools to interact with them.

Chaptering and links to content.

Asset inventories enable you to know what you have to secure, and to monitor it for deviations. The pace of iteration in the world of software engineering makes those platforms inevitable. In this episode we welcome Sacha Faust, director of security engineering at Grammarly, who built Cartography, one of the first open source asset inventory. Sacha describes what led them to building this (funnily: an offensive use case!), how inventories enable spreading ownership to software teams, the solution that exist off the shelf today, …