Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Tigera

tigera

Honeypods: Applying a Traditional Blue Team Technique to Kubernetes

Mar 17, 2021 By Garwood Pang In Tigera

The use of honeypots in an IT network is a well-known technique to detect bad actors within your network and gain insight into what they are doing. By exposing simulated or intentionally vulnerable applications in your network and monitoring for access, they act as a canary to notify the blue team of the intrusion and stall the attacker’s progress from reaching actual sensitive applications and data.

Read Post
tigera

Industry-First Pay-as-you-go SaaS Platform for Kubernetes Security and Observability

Feb 16, 2021 By Amit Gupta In Tigera

We are excited to introduce Calico Cloud, a pay-as-you-go SaaS platform for Kubernetes security and observability. With Calico Cloud, users only pay for services consumed and are billed monthly, getting immediate value without upfront investment.

Read Post

Protecting Against the Unpatched Kubernetes Vulnerability (CVE-2020-8554)

Feb 2, 2021 By Tigera In Tigera
CVE-2020-8554 is a vulnerability that allows Kubernetes Services to intercept cluster traffic to any IP address. Users who can manage services can exploit the vulnerability to carry out man-in-the-middle (MITM) attacks against pods and nodes in the cluster. All Kubernetes versions including the latest release (v1.20) are vulnerable to this attack. If your cluster is multi-tenant, or allows unprivileged users to create and update services, you are impacted.
View Video

Calico Enterprise Multi Cluster Management - Federated Identity and Services

Jan 30, 2021 By Tigera In Tigera
Managing multiple Kubernetes clusters can become time consuming and complex. Calico Enterprise can help with built in multi-cluster management capabilities to simplify deployment and ongoing operations, including securing interactions between the clusters, and providing cross-cluster service discovery.
View Video

Enterprise Security Controls for Kubernetes

Jan 21, 2021 By Tigera In Tigera
In this talk, we will explore how to meet common enterprise security control needs when running Kubernetes. We will look at a range of common enterprise security needs and how you can meet these with standard Kubernetes primitives and open source projects such as Calico, or take it a step further with the additional features of Calico Enterprise.
View Video
tigera

New Vulnerability Exposes Kubernetes to Man-in-the-Middle Attacks: How to Mitigate CVE-2020-8554

Dec 22, 2020 By Manoj Ahuje In Tigera

A few weeks ago a solution engineer discovered a critical flaw in Kubernetes architecture and design, and announced that a “security issue was discovered with Kubernetes affecting multi-tenant clusters. If a potential attacker can already create or edit services and pods, then they may be able to intercept traffic from other pods (or nodes) in the cluster.” If a hostile user can create a ClusterIP service and set the spec.externalIP field, they can intercept traffic to that IP.

Read Post

Enabling Secure Kubernetes Multi-Tenancy with Calico Enterprise

Dec 15, 2020 By Tigera In Tigera
When you have different teams interacting with a Kubernetes cluster you need to think about the security, privacy, and observability challenges associated with multi-tenancy: How to provide each team with access to the specific resources they need, in a way that allows the team to be agile, without risking impacting other teams? In this session, we’ll explore the Kubernetes multi tenancy concepts and design patterns needed for successful enablement of multi-tenancy within your Kubernetes clusters using key capabilities of Calico Enterprise.
View Video

Securing Kubernetes using Egress Access Controls

Dec 8, 2020 By Tigera In Tigera
A majority of existing workloads are non-Kubernetes, and for the platform teams involved, this creates challenges because the cluster will need to be securely connected to those resources. Calico Enterprise includes several features that enable fine-grained access controls between your microservices and databases, cloud services, APIs, and other applications that may be protected behind a firewall. There are different approaches to managing Kubernetes egress access, depending on your needs and where you want the control point to be
View Video

Deploying Calico in Your On-prem Kubernetes Cluster: Networking and Security Considerations

Dec 3, 2020 By Tigera In Tigera
If you are deploying Kubernetes on-premises in your datacenter, this is a talk and demo you won’t want to miss. Networking and security might not be the first things that come to mind, but without some understanding of the networking and security decisions you’ll need to make, and the right options for your environment, you’re likely to get stuck or make the wrong assumptions. These may limit your ability to scale or integrate with the rest of the datacenter network.
View Video

Multi-Cluster, Multi-Cloud and Hybrid Cloud Networking, Observability and Security Management

Nov 10, 2020 By Tigera In Tigera
Managing networking, observability and security in multiple Kubernetes clusters can quickly become a major challenge. Lack of a centralized, unified multi-cluster approach results in dozens of clusters that are deployed and managed independently throughout an organization, with very little uniformity in the way they are secured. This adds complexity for DevOps teams, who must adapt to different cluster environments.
View Video

Copyright © 2024 OpsMatters™. All rights reserved.