This article uses Kubernetes Secrets as a native Kubernetes component for handling sensitive data at container runtime and Vault as a trusted storage and maintenance solution for sensitive data.

Public cloud infrastructure is, by now, the default approach to both spinning up a new venture from scratch and rapidly scaling your business. From a security perspective, this is a brand new (well, by now more than a decade old) attack surface. “Attack surface” is a commonly used term that denotes the aggregate of your exploitable IT estate, or all of the different pathways a hacker might be able to use to gain access to your systems, steal your data, or otherwise harm your business.

In the rapidly evolving landscape of technology, containers have become a cornerstone for deploying and managing applications efficiently. However, with the increasing reliance on containers, understanding their intricacies and addressing security concerns has become paramount. In this blog, we will delve into the fundamental concept of containers and explore the crucial security challenges they pose.

If you follow cloud security, you know the market can be challenging to navigate, as security needs are often complex, span multiple teams, and demand new processes to pair with the expanding roster of technologies Fortunately, the market is starting to mature and coalesce around unifying cloud security technologies that bring together visibility across cloud infrastructure, containers, hosts, and identities.

The stakes couldn’t be higher for financial services organizations. They have to protect customers’ money and privacy, while complying with technical requirements and governmental regulations. Complying with all those requirements poses a major, ongoing challenge for security teams, which are already under pressure to do more with less. Cybercrime continues to grow, with every industry falling victim, at one time or another.

In the era of cloud computing, Kubernetes has emerged as a true cornerstone of cloud-native technologies. It’s an orchestration powerhouse for application containers, automating their deployment, scaling, and operations across multiple clusters. Kubernetes isn’t just a buzzword; it’s a paradigm shift that underpins the scalability and agility of modern software.

Kubernetes Service Account tokens are exploited in many attack chain scenarios. Learn how to mitigate these risks and secure your Kubernetes clusters effectively.

There are things in the world that are absolute, and there are things that are relative. For example, it is an absolute truth that the middle three Star Wars episodes were better than the prequel three. But if we are talking about security, it is mostly accepted to be relative as it is a well-accepted thesis that there is no absolute security. Every system can eventually be broken. Like in the joke about the two folks who are attacked by a lion.

The Sysdig Threat Research Team discovered techniques that allowed the AWS WAF to be bypassed using a specialized DOM event. Web Application Firewalls (WAFs) serve as the first line of defense for your web applications, acting as a filter between your application and incoming web traffic to protect against unauthorized or malicious activity. In this blog post, we will analyze one of the most commonly used Web Application Firewalls, the AWS WAF, and explain ways that allowed it to be bypassed.