containers
The reality of container escapes
In this Help Net Security podcast recorded at RSA Conference 2019, Brandon Edwards, Chief Scientist at Capsule8, talks about container escapes. Here’s a transcript of the …
RunC container escape flaw enables root access to host system
A serious vulnerability in runC, a widely used CLI tool for spawning and running containers, could be exploited to compromise the runC host binary from inside a privileged …
Rise of DevOps exposes organizations to risk via container vulnerabilities
60 percent of respondents to a Tripwire and Dimensional Research study reported their organizations have experienced container security incidents in the past year. Yet, of the …
Critical Kubernetes privilege escalation flaw patched, update ASAP!
A critical privilege escalation vulnerability affecting the popular open source cluster management and container orchestration software Kubernetes has been patched on Monday. …
Microservices becoming architectural style of choice for application development
Microservices – a software development technique where an application is created by combining numerous smaller services – have evolved from fad to trend, becoming …
Container strategies don’t take security seriously enough
Most organizations do not feel prepared to adequately secure cloud-native applications, despite the surging adoption of containers and Kubernetes, according to StackRox. …
Building security into DevOps versus bolting it on
In this podcast, Hari Srinivasan, Director of Product Management for Qualys, talks about building security into DevOps versus bolting it on, specifically for containers. …
George Gerchow, CSO at Sumo Logic: Our DevSecOps strategy
Sumo Logic was founded in 2010 by experts in log management, scalable systems, big data, and security. Today, their purpose-built, cloud-native service analyzes more than 100 …
Preventing good containers from going bad
Containers go bad everyday, and often without warning. All it takes is one CVE impacting an image, and now all containers deployed using this image are at an increased level …
Enterprise container security: There’s room for improvement
With companies such as Facebook, Netflix and Google heralding the use of containers for their agility, portability, and cost benefits – enterprises are following suit. …
Container security: The seven biggest mistakes companies are making
As enterprises increase adoption of containers, they also risk increasing the number of mistakes they make with the technology. Given that many companies are still wrapping …
Keys, tokens and too much trust found in container images
We are all aware of the risks introduced by good old third party code. Where would we be without it? Apparently not very far. It is estimated that between 30 to 70 percent of …