%term

The latest News and Information on Containers, Kubernetes, Docker and related technologies.

TeamTNT: Latest TTPs targeting Kubernetes (Q1-2021)

Mar 31, 2021 By Manoj Ahuje In Tigera

In April 2020, MalwareHunterTeam found a number of suspicious files in an open directory and posted about them in a series of tweets. Trend Micro later confirmed that these files were part of the first cryptojacking malware by TeamTNT, a cybercrime group that specializes in attacking the cloud—typically using a malicious Docker image—and has proven itself to be both resourceful and creative.

Read Post

Tigera

Read more about TeamTNT: Latest TTPs targeting Kubernetes (Q1-2021)

How to choose the best enterprise Kubernetes solution

Mar 31, 2021 By anastasiavalti In Canonical

While containers are known for their multiple benefits for the enterprise, one should be aware of the complexity they carry, especially in large scale production environments. Having to deploy, reboot, upgrade or apply patches to patches to hundreds and hundreds of containers is no easy feat, even for experienced IT teams. Different types of Kubernetes solutions have emerged to address this issue.

Read Post

Canonical

Read more about How to choose the best enterprise Kubernetes solution

Sysdig Adds Unified Threat Detection Across Containers and Cloud to Combat Lateral Movement Attacks

Mar 30, 2021 By Sysdig In Sysdig

Sysdig introduces continuous CSPM to the Sysdig Secure DevOps Platform, multi-cloud threat detection for AWS and GCP, and a new free-forever cloud security tier. With 70% of cyberattack breaches utilizing lateral movement, Sysdig uniquely detects and responds to threats across cloud and containers.

Read Post

Sysdig

Read more about Sysdig Adds Unified Threat Detection Across Containers and Cloud to Combat Lateral Movement Attacks

Cloud lateral movement: Breaking in through a vulnerable container

Mar 30, 2021 By Stefano Chierici In Sysdig

Lateral movement is a growing concern with cloud security. That is, once a piece of your cloud infrastructure is compromised, how far can an attacker reach? What often happens in famous attacks to Cloud environments is a vulnerable application that is publicly available can serve as an entry point. From there, attackers can try to move inside the cloud environment, trying to exfiltrate sensitive data or use the account for their own purpose, like crypto mining.

Read Post

Sysdig

Read more about Cloud lateral movement: Breaking in through a vulnerable container

AWS CIS: Manage cloud security posture on AWS infrastructure

Mar 30, 2021 By Vicente Herrera García In Sysdig

Implementing the AWS Foundations CIS Benchmarks will help you improve your cloud security posture in your AWS infrastructure. What entry points can attackers use to compromise your cloud infrastructure? Do all your users have multi-factor authentication setup? Are they using it? Are you providing more permissions that needed? Those are some questions this benchmark will help you answer. Keep reading for an overview on AWS CIS Benchmarks and tips to implement it.

Read Post

Sysdig

Read more about AWS CIS: Manage cloud security posture on AWS infrastructure

Unified threat detection for AWS cloud and containers

Mar 30, 2021 By Vicente Herrera García In Sysdig

Implementing effective threat detection for AWS requires visibility into all of your cloud services and containers. An application is composed of a number of elements: hosts, virtual machines, containers, clusters, stored information, and input/output data streams. When you add configuration and user management to the mix, it’s clear that there is a lot to secure!

Read Post

Sysdig

Read more about Unified threat detection for AWS cloud and containers

Flux Tutorial: Implementing Continuous Integration Into Your Kubernetes Cluster

Mar 30, 2021 By Deklan Van De Laarschot In Coralogix

This hands-on Flux tutorial explores how Flux can be used at the end of your continuous integration pipeline to deploy your applications to Kubernetes clusters.

Read Post

Coralogix

Read more about Flux Tutorial: Implementing Continuous Integration Into Your Kubernetes Cluster

Getting started with cloud security

Mar 30, 2021 By Sysdig In Sysdig

Your application runs on containers and talks to multiple cloud services. How can you continuously secure all of it? With Sysdig you can. Continuously flag cloud misconfigurations before the bad guys get in. And suspicious activity, like unusual logins from leaked credentials. All in a single console that makes it easier to validate your cloud security posture. It only takes a few minutes to get started.

View Video

Sysdig

Read more about Getting started with cloud security

It's official - Civo Kubernetes is certified by CNCF

Mar 30, 2021 By Andy Jeffries In Civo

We're very proud to announce that we have been accepted by the Cloud Native Computing Foundation (CNCF) as a conformant Certified Kubernetes provider for our v1.20 Civo Kubernetes product based on K3s. Every small business starts with a goal of competing with the big fish of the industry, and a huge part of that is having the certification to prove you're providing a compatible service. We're now in the company of some really inspirational organisations...

Read Post

Civo

Read more about It's official - Civo Kubernetes is certified by CNCF

SpeedChat #002: Shift-Left vs. Shift-Right Throwdown - Nate Lee & Ken Ahrens

Mar 30, 2021 By Speedscale In Speedscale

Speedscale co-founders Ken Ahrens and Nate Lee join Jason English to discuss the emerging pattern of Shift-Right production validation vs. Shift-Left practices and testing, and sort it all out in under 15 minutes.

View Video