Container Security

How to Hack a Kubernetes Container, Then Detect and Prevent It

By Dieter Reuter As we talked about before in this blog, containers are just vulnerable to be attacked as non-container workloads. Hackers can use many of their old tricks on new containers, such as application exploits, network attacks, or phishing scams. In this post and demo, I’ll show how to hack a Kubernetes container using… Read more »

Container Security

Shift Left, Then Right for Runtime Application Container Security

In this new Solution Showcase by Enterprise Strategy Group (ESG), Senior Analyst Doug Cahill reviews recent research on application container adoption trends, then outlines how to build security into the DevOps and SecOps use cases. Abstract: The broad adoption of application containers for both new applications and those being refactored into a microservices architecture has… Read more »

Container Security

Achieving PCI Compliance for Containers

Although microservices and containers are not explicitly mentioned in PCI-DSS for PCI compliance, organizations implementing these technologies must focus carefully on monitoring, securing, and governance. Microservices and containers offer some unique characteristics that support pci compliance. For example, microservices emphasize an architecture with one function per service/container. This aligns well with PCI-DSS 2.2.1, implementing only… Read more »

Container Security

NeuVector 2.0 Is Now Available!

We’re happy to announce that the 2.0 release of the NeuVector Container Security Platform is now generally available! The 2.0 release is a major expansion of the platform to include end-to-end vulnerability scanning, automated real-time security incident response, and enhanced multi-vector detection of container attacks. Cloud-native enterprise integration is also enhanced with OpenShift and Kubernetes… Read more »

Container Security

Backdoor Found in Open Source SSH package

A serious backdoor vulnerability in a popular software package was recently reported. It was found in the ssh-decorator Python package. In this open source library, a log function was sending clear text IP addresses, login names and passwords to an external site: “ssh-decorate.cf/index.php.” This immediately became one of the hottest topics about which thousands of… Read more »