Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Containers

Container Images - Code Source

Mend for GitHub.com Code Source provides a streamlined and highly effective approach to tracing vulnerabilities back to their source code in repositories. Mend’s proprietary labeling achieves this by adding the source repository URL and the Dockerfile path to your Dockerfile using OCI annotations, saving you time in researching risks detected on your built container images.
sysdig

Ensuring Compliance in an Ever-Evolving Cloud Security Landscape

According to CSO the fines incurred for data breaches or non-compliance with security and privacy laws, for only a handful of companies, has cost $4.4 billion. The global average cost of a data breach in 2023 was $4.45 million, a 15% increase over 3 years (IBM). The challenge for organizations is how to safeguard sensitive information while adhering to the law, but without compromising innovation. Cyber threats loom large, affecting businesses in every industry.

styra

How to express OR in Rego

One of the most common questions people new to Open Policy Agent (OPA) and Rego ask is about how to express logical “OR” in the language. While there is no “OR” operator, Rego has no shortage of ways to express that, with some being more obvious than others. In this blog, we’ll take a look at the most common ways to express OR, and weigh the virtues of each method against the others. Hopefully you’ll learn a few tricks along the way.

armo

Happy second birthday, Kubescape!

Guest post originally published on Kubescape’s blog by Ben Hirschberg. Co-Founder and CTO at ARMO and a Kubescape maintainer. What do you get a piece of software for its second birthday? A brand new blog, of course! And cake. More on the cake later. Kubescape is an open-source Kubernetes security platform that helps you identify and fix security risks, misconfigurations and vulnerabilities in your Kubernetes clusters.

sysdig

AWS's Hidden Threat: AMBERSQUID Cloud-Native Cryptojacking Operation

The Sysdig Threat Research Team (TRT) has uncovered a novel cloud-native cryptojacking operation which they’ve named AMBERSQUID. This operation leverages AWS services not commonly used by attackers, such as AWS Amplify, AWS Fargate, and Amazon SageMaker. The uncommon nature of these services means that they are often overlooked from a security perspective, and the AMBERSQUID operation can cost victims more than $10,000/day.

styra

What Are the Most Common Security Risks of Cloud Computing?

Identifying and understanding the most common cloud security risks is crucial to a successful cloud computing adoption strategy. Organizations migrating to the cloud continually face new threats and discover vulnerabilities that were not present when they operated software deployed on-premises. According to IBM’s Cost of a Data Breach report, almost half of all data breaches are happening in the cloud, with attacks on systems hosted on public clouds costing an average of $5.02 million.

tigera

Transforming Container Network Security with Calico Container Firewall

In today’s cloud-driven landscape, containerized workloads are at the heart of modern applications, driving agility, scalability, and innovation. However, as these workloads become increasingly distributed across multi-cluster, multi-cloud, and hybrid environments, the challenge of securing them grows exponentially. Traditional network security measures designed for static network boundaries are ill-suited for the dynamic nature of containerized applications.

sysdig

Scarleteel 2.0 and the MITRE ATT&CK framework

In this blog post, we will take a comprehensive dive into a real-world cyber attack that reverberated across the digital realm – SCARLETEEL. Through an in-depth analysis of this notorious incident using the MITRE ATT&CK framework, we aim to unearth invaluable insights into the operational tactics of cyber adversaries.