Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

We have been witnessing an ever growing amount of supply chain security incidents in the wild. Everything from open source package managers security flaws being exploited to continuous integration systems being compromised to software artifacts being backdoored. And now, those incidents are starting to extend to the place where developers spend most of their time: their integrated development environment, and specifically the Visual Studio Code IDE.

To stay ahead of attackers, we constantly monitor various security threats. One of these threats — supply chain attacks — aims to compromise an organization through its software development process. Recently, a huge spike in supply chain attacks was observed — dependency confusion was discovered, the SolarWinds breach was reported and more malicious packages were flagged. This certainly drew our attention (as well as the rest of the world’s)!

The CVE-2021-25737 low-level vulnerability has been found in Kubernetes kube-apiserver where an authorized user could redirect pod traffic to private networks on a Node. The kube-apiserver affected are: By exploiting the vulnerability, adversaries could be able to redirect pod traffic even though Kubernetes already prevents creation of Endpoint IPs in the localhost or link-local range.

Insufficient Logging and Monitoring differs somewhat from the previous 9 risks. While it cannot lead to a direct intrusion, this risk is that you fail to detect the intrusion in a timely manner, a failure that can cost millions.

Security Logging and Monitoring Failures is #9 in the current OWASP top Ten Most Critical Web Application Security Risks.

Residual risk is the threat or vulnerability that remains after all risk treatment and remediation efforts have been implemented. Even with an astute vulnerability sanitation program, there will always be vestiges of risks that remain, these are residual risks. Because they will always be present, the process of managing residual risk involves setting an acceptable threshold and then implementing programs and solutions to mitigate all risks below that threshold.

On May 18th 2021, the Center for Internet Security (CIS) released version 8 of the Critical Security Controls (CSC) - a business and technology agnostic set of recommendations that all organizations should consider and follow to prevent the most prevalent and dangerous attacks. In this blog series we discuss the ins and outs of the new guidance to get you up to speed with v8.