CVE-2020-8554 is a vulnerability that allows Kubernetes Services to intercept cluster traffic to any IP address. Users who can manage services can exploit the vulnerability to carry out man-in-the-middle (MITM) attacks against pods and nodes in the cluster. All Kubernetes versions including the latest release (v1.20) are vulnerable to this attack. If your cluster is multi-tenant, or allows unprivileged users to create and update services, you are impacted.

[January 28, 2021] Check out ThreatQuotient's Anthony Stitt with online news channel Ticker TV. This interview explored the vital role employees play and how organisations can empower their employees in identifying and reporting cyber threats while also exploring the value of gathering internal threat intelligence within an organisation.

Quick overview on Sumo Logic’s Cloud SIEM solution and how our scalable cloud-native platform helps SOC teams address multiple security use cases, including automatic detection and correlation for the threats that matter most.

Watch our AppSec Decoded video series featuring Tim Mackey, principal security strategist at the Synopsys Cybersecurity Research Center, to learn how to secure connected devices and why the responsibility falls on the manufacturer.

Managing multiple Kubernetes clusters can become time consuming and complex. Calico Enterprise can help with built in multi-cluster management capabilities to simplify deployment and ongoing operations, including securing interactions between the clusters, and providing cross-cluster service discovery.

Snyk helps software-driven businesses develop fast and stay secure. Continuously find and fix vulnerabilities for npm, Maven, NuGet, RubyGems, PyPI and more.

A 10-minute overview of Teramind's all in one; employee monitoring, user behavior analytics, insider threat detection and data loss prevention platform.

Snyk helps software-driven businesses develop fast and stay secure. Continuously find and fix vulnerabilities for npm, Maven, NuGet, RubyGems, PyPI and more.

In this video, you will learn how to create, configure, and schedule an unauthenticated Dynamic Analysis. An unauthenticated Dynamic Analysis scan is appropriate when the site you are scanning does not require a login. Veracode Dynamic Analysis also supports the scanning of websites that require authentication, such as such as login via a webform, browser based, or NTLM.