Containers

Enhancing Kubernetes Security by Shifting Security Left

May 20, 2019 By Sumana Annam In Styra

In the rapidly evolving world of Kubernetes security & compliance, DevOps and DevSecOps teams are detecting security challenges and compliance issues later in the development & deployment cycles. We are excited to share new features and updates that help DevOps and DevSecOps teams detect issues and ensure compliance throughout the development cycle.

Read Post

Styra

Read more about Enhancing Kubernetes Security by Shifting Security Left

Tigera Secure Enterprise Edition 2.4 Enables Firewalls to Secure Dynamic Kubernetes Workloads

May 15, 2019 By Vince Lau In Tigera

We are excited to announce the new security capabilities of Tigera Secure Enterprise Edition 2.4. This release enables enterprise security teams to extend their existing zone-based architectures and easily connect to external resources. The highlights include DNS Policies, Threat Defense, Compliance Dashboard and Reporting, and easier installation options.

Read Post

Tigera

Read more about Tigera Secure Enterprise Edition 2.4 Enables Firewalls to Secure Dynamic Kubernetes Workloads

Sysdig and Red Hat partnership, Openshift insights: visibility and security

May 14, 2019 By Sysdig In Sysdig

View Video

Sysdig

Read more about Sysdig and Red Hat partnership, Openshift insights: visibility and security

GKE security using Falco, Pub/Sub and Cloud Functions

May 14, 2019 By Mateo Burillo In Sysdig

In this blogpost we will demonstrate how to build a complete GKE security stack for anomaly detection and to prevent container runtime security threats. We will integrate Falco runtime security engine with Google Cloud Functions and Pub/Sub.

Read Post

Sysdig

Read more about GKE security using Falco, Pub/Sub and Cloud Functions

A Closer Look at Falco CVE-2019-8339

May 13, 2019 By Mark Stemm In Sysdig

Recently, a member of the Falco community privately disclosed a capacity related vulnerability which, under circumstances where a malicious actor has already gained access to your system, could allow the actor to further bypass Falco’s detection of abnormal activity. The final details are still being worked out, but we believe the CVE will be classified as Medium severity according to the CVSS methodology.

Read Post

Sysdig

Read more about A Closer Look at Falco CVE-2019-8339

Falco 0.15.0 Released

May 13, 2019 By Michael Ducy In Sysdig

We are happy to announce the release of Falco 0.15.0. This release incorporates a number of improvements, as well as bug fixes, and rules updates. This release also includes a mitigation for CVE-2019-8339, and all users are encouraged to update to this release. You can find more details about the features and improvements in the release notes, but below are a few highlights.

Read Post

Sysdig

Read more about Falco 0.15.0 Released

MITRE ATT&CK framework for container runtime security with Sysdig Falco

May 10, 2019 By Pawan Shankar In Sysdig

MITRE ATT&CK is a comprehensive knowledge base and complex framework of over 200 techniques that adversaries may use over the course of an attack. While MITRE’s full ATT&CK framework is publicly available, it can be characterized into 3 key elements.

Read Post

Sysdig

Read more about MITRE ATT&CK framework for container runtime security with Sysdig Falco

Centralized vs. Distributed Authorization: The CAP Theorem

May 8, 2019 By Tim Hinrichs In Styra

One of the best parts of working on the Open Policy Agent at Styra is that we get to help people design authorization systems for both their platform and their custom applications. The other day we were talking someone through the design tradeoffs of authorization for their application, and the first decision they had to make was whether they wanted a centralized authorization system or a distributed authorization system. Both OPA and Styra support either, so we have no real bias.

Read Post

Styra

Read more about Centralized vs. Distributed Authorization: The CAP Theorem

Sysdig Secure: Overview of Policies

Apr 22, 2019 By Sysdig In Sysdig

Review of Policies in Sysdig Secure for runtime protection in a container based environment.

View Video

Sysdig

Read more about Sysdig Secure: Overview of Policies

Sysdig Secure: Working with Policies

Apr 22, 2019 By Sysdig In Sysdig

Walkthrough of how policies are defined in Sysdig Secure through scoping, alerting and defined actions to be taken, based on Falco rules. Covers whitelisting/blacklisting policies by containers, processes, network traffic, file system I/O and system calls.

View Video

Sysdig

Read more about Sysdig Secure: Working with Policies

Subscribe to Containers

Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Containers

Enhancing Kubernetes Security by Shifting Security Left

Tigera Secure Enterprise Edition 2.4 Enables Firewalls to Secure Dynamic Kubernetes Workloads

Sysdig and Red Hat partnership, Openshift insights: visibility and security

GKE security using Falco, Pub/Sub and Cloud Functions

A Closer Look at Falco CVE-2019-8339

Falco 0.15.0 Released

MITRE ATT&CK framework for container runtime security with Sysdig Falco

Centralized vs. Distributed Authorization: The CAP Theorem

Sysdig Secure: Overview of Policies

Sysdig Secure: Working with Policies

Monthly Archive

Follow Us