ARMO

NEW: ARMO Platform Introduces Auto-Generation of Seccomp Profiles

We are thrilled to announce the latest enhancement to ARMO Platform: Seccomp Profiles Leveraging eBPF. This feature uses eBPF to take the guesswork out of creating seccomp profiles, so you benefit from the added security seccomp profiles provide without the risk of “breaking” applications.

ARMO's new security-boosting summer cocktail: Layered Vulnerability Scanning, SBOM View, and new Auto-Generated Network Policies

This summer, ARMO is proud to announce a batch of new features designed to enhance your cloud security posture. We developed groundbreaking capabilities for in-depth vulnerability scanning, simplified vulnerability management with SBOM view, and streamlined network policy generation for two popular CNIs, Calico and Cilium. We invite you to explore these new features and discover how they can add to your organization’s security. Let’s go.

CVE-2024-7646: Ingress-NGINX Annotation Validation Bypass - A Deep Dive

Attention: a new Kubernetes vulnerability was uncovered by André Storfjord Kristiansen (@dev-bio on GitHub) and it demands immediate attention from security professionals and DevOps teams. CVE-2024-7646, affecting the popular ingress-nginx controller, allows malicious actors to bypass annotation validation and potentially gain unauthorized access to sensitive cluster resources. This vulnerability has been assigned a CVSS v3.1 base score of 8.8 (High).

Runtime anomaly detection in Kubernetes: enhancing security through context-aware profiling

Runtime anomaly detection is fast becoming a critical component for protecting containerized environments. Recent advancements in this field are addressing long-standing challenges and introducing innovative approaches to enhance security posture.

Unraveling the State of Kubernetes Security in 2024

We explored the Red Hat State of Kubernetes security report 2024, one of our favorite yearly reports. It’s jam-packed with incredibly fascinating information about one of our favorite subjects—Kubernetes security. Imagine that! In this post we’ll review some of the more interesting data points and contrast them with results from prior years. We’ll also discuss our own perspectives and observations on how this affects you as a Kubernetes user.

eBPF use cases

What is eBPF and how can it be used within the Kubernetes environment? In the dynamic world of container orchestration, where speed and adaptability are a must, eBPF, short for Extended Berkeley Packet Filter, has changed how developers interact with kernels within Kubernetes environments. At its core, eBPF crosses traditional boundaries, offering a programmable and secure in-kernel execution environment that empowers developers to use custom code without the need for modifications to the kernel itself.

The Kubernetes gap in CNAPP - exploring why many CNAPPs have a Kubernetes gap

A guest post by James Berthoty, founder of Latio. CSPMs and CNAPP have a major gap, and unfortunately, it drives the majority of your cloud that actually matters (Kubernetes). To be frank, most CNAPPs were created around two things: Even the early players in the space who recognized the value of containerization found themselves too ahead of the market to support the giant funding opportunities present from their competition, who were focused on easily scanning every cloud workload that could exist.

regreSSHion: RCE Vulnerability in OpenSSH Server (CVE-2024-6387)

A high-severity remote code execution (RCE) vulnerability has been found in OpenSSH’s server (CVE-2024-6387) by the research team of Qualys. This issue is especially concerning because it brings back a problem that was originally fixed in 2006, showing that even one of the most popular pieces of secure software still has hidden bugs. This discovery follows another major vulnerability found in the XZ Utils library just a few months ago, highlighting ongoing security challenges.