While auditing the Kubernetes source code, I recently discovered an issue (CVE-2020-8566) in Kubernetes that may cause sensitive data leakage. You would be affected by CVE-2020-8566 if you created a Kubernetes cluster using ceph cluster as storage class, with logging level set to four or above in kube-controller-manager. In that case, your ceph user credentials will be leaked in the cloud-controller-manager‘s log.

“My job here at Atlassian is to commit crimes and then write very, very detailed confession letters – metaphorically speaking.” Meet Alex: an engineer on our security intelligence team with a wry wit and a penchant for pop-color hair. Less metaphorically speaking, the team’s job (our red team, in particular) is to hack Atlassian’s systems exactly as real attackers would.

Every year brings new opportunities for federal IT professionals to reduce risk by addressing threats—both existing and emerging—with new tools, technologies, and tactics. This year has proven to be a little different, with the emergence of COVID-19 forcing federal agencies to make the jump to remote work. Although the world at large is currently working from home, bad actors from criminals to nation-state actors are still working, too.

Developers at Airbnb, BBC, Netflix, and Nike all share something in common: They’re using serverless computing to ship new products and features faster than ever. And they represent a growing trend. As businesses compete to quickly deliver customer value, a whopping 60% of enterprises have already adopted, or are planning to use, serverless architectures.

Five worthy reads is a regular column on five noteworthy items we’ve discovered while researching trending and timeless topics. With the rising concern over cyberattacks in the distributed workforce, this week we explore the concept of cybersecurity incident response during a pandemic.

How many applications do you use every day? On average, probably 20. Think about it—We use them to check email, to avoid traffic, to know if we need a coat, to order dinner, and to connect with friends and family. We use others to drive success for our organizations, to present new ideas, to close deals, and to take care of our customers. And this year, we used video conferencing apps to keep the world moving, streaming apps to keep ourselves sane, and online grocery apps.

SSO is often accomplished by using Lightweight Directory Access Protocol (LDAP). While LDAP has a variety of use cases, in this post, I’ll focus on authentication — specifically, how to use LDAP authentication for single-sign on (SSO) with Sensu Go. First off, a quick overview of Sensu authentication.

Welcome to another monthly update on what’s new from Sysdig! This month, our big announcement was around CloudTrail and Fargate scanning support. CloudTrail support gives Sysdig Secure the ability to ingest CloudTrail events. These get fed into the runtime security engine, where rules can be created using the Falco rules language.