Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Recently, Qualys discovered and reported a critical vulnerability affecting the popular GLIBC ecosystem, which is installed by default on most Linux-based operating systems. Specifically, a buffer overflow was found in the code responsible for handling special environment variables during the startup of a process which can result in a local privilege escalation. Fortunately, exploitation of this vulnerability can be detected by Falco.

To combat the growing threat of identity attacks, organizations need to adopt a proactive approach that goes beyond traditional security measures. Identity Threat Detection and Response (ITDR) is one such approach that focuses on monitoring and responding to suspicious activities related to user identities and access management. ITDR solutions can help organizations spot unusual patterns, such as multiple failed login attempts, access from unusual locations, or abnormal behavior within the system.

The cloud revolution has firmly taken hold, and businesses of all sizes are adopting cloud-native technologies. This new paradigm has also created newer attack surfaces for cybercriminals, who are eager to exploit known security gaps in cloud environments. Sysdig is collaborating with Docker to deliver a more efficient process for identifying risks and opportunities for accelerated remediation in Docker Scout using runtime insights.

In the realm of government institutions in Brazil, regional electoral courts hold a pivotal role in ensuring the integrity of the electoral process. These institutions are mandated to safeguard their essential electoral data through off-site backup solutions. While Kubernetes’ efficiency and flexibility hold great promise for modernizing operations, government data protection challenges have deterred many regional electoral courts from embracing this technology.

Kubernetes is a container orchestration tool that helps with the deployment and management of containers. Within Kubernetes, a container runs logically in a pod, which can be represented as one instance of a running service. Pods are ephemeral and not self-healing, which makes them fragile. They can go down when an interruption occurs on the server, during a brief network problem, or due to a minimal memory issue—and it can bring down your entire application with it.

Enterprises implementing containers and Kubernetes in either corporate datacenters or cloud environments typically employ Checkpoint Quantum to secure traffic between their datacenter networks and Checkpoint CloudGuard to safeguard their cloud resources. Often these network security perimeter focused solutions are also used to scrutinize traffic originating from Kubernetes clusters.

This is how Maya, a devSecOps team lead at one of the prominent software development companies, started her presentation in front of Security leaders to show how the Agentless vulnerability management approach helped her: In this blog post, we’ll introduce you to Sysdig’s new Agentless scanning for vulnerability management.