Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

What is RCE in Kubernetes?

A detailed overview of Remote Code Execution (RCE) attacks, how they affect Kubernetes infrastructure, and how vulnerabilities in K8s systems can be mitigated. Remote Code Execution (RCE) is a vulnerability in systems that cybercriminals can exploit to perform attacks. In RCE attacks, hackers execute malicious code in target systems remotely, irrespective of their location on the network. That’s because they don’t need the target systems to have the execution functionality.

10 AWS security considerations when migrating

Cloud data storage has many practical advantages over traditional data centers, but making a move also comes with many unique security considerations. When moving to AWS, begin how you wish to continue. Companies that transition to cloud data storage must update their approach to information security to protect their data. Setting up proper security practices during migration will help future teams securely and efficiently deliver applications and features.

How to Migrate Snyk to the new Bitbucket Cloud App Integration

Snyk has a new and improved Bitbucket Cloud App. The new Snyk Security for Bitbucket Cloud App features the same Bitbucket experience with a streamlined onboarding process and improved enterprise functionality. Here's how to migrate your existing Snyk Bitbucket Cloud App (Legacy) integration to the new Bitbucket Cloud App integration.

OT:ICEFALL Continues: Vedere Labs Discloses Three New Vulnerabilities Affecting OT Products - How to Mitigate

Continuing our OT:ICEFALL research, Vedere Labs has disclosed three new vulnerabilities affecting OT products from two German vendors: Festo automation controllers and the CODESYS runtime, which is used by hundreds of device manufacturers in different industrial sectors, including Festo.

Can gamification unite development and security?

Despite years of effort encouraging a DevSecOps approach, development and security teams tend to remain divided. For example, according to 2020 research, 65% of security professionals reported that their companies had successfully shifted security left. Good, right? But the same research also shows that almost a third of people believe the security team is primarily responsible for security — despite shifting left.

Cybersecurity solutions from ManageEngine

As the volume of threats continues to climb, your organization needs to focus on building a solid, proactive cybersecurity strategy. ManageEngine's solutions for identity and access management (IAM), security information and event management (SIEM), endpoint security, network security, and data security will help you proactively identify threats and drastically reduce your vulnerability to attacks.

2022 Kubernetes Vulnerabilities - Main Takeaways

All the main K8s vulnerabilities from 2022 consolidated into one article. Put together by Ben Hirschberg, founder of ARMO, the makers of Kubescape. During 2022, Kubernetes continued to cement itself as a critical infrastructure component in the modern software stack. From small to large organizations, it has become a widely popular choice. For obvious reasons, this shift made Kubernetes more susceptible to attacks. But this is not the end of it.

Stranger Danger: Your Java Attack Surface Just Got Bigger

Building Java applications today means that we take a step further from writing code. We use open-source dependencies, create a Dockerfile to deploy containers to the cloud, and orchestrate this infrastructure with Kubernetes. Welcome, you're a cloud native application developer! As developers, our responsibility broadened, and more software means more software security concerns for us to address.