Learn about container threats, attacks, and security issues. Here are selected educational articles from the NeuVector blog.
Data Breach Analysis
Equifax Data Breach Analysis: Container Security Implications
Let’s take a closer look at the vulnerabilities and exploits reportedly used in the Equifax data breach. Could the use of containers have helped protect Equifax? We’ll examine the Apache Struts exploit.
Container Security Guide
How to Achieve Continuous Container Security
As enterprises move quickly to deploy containers and microservices with a continuous integration and delivery (CI/CD) pipeline, security often becomes an afterthought.
A Dirty Cow Container Exploit Sticks Around Even After The Container Is Destroyed
We have seen a lot of reports on how the Linux kernel can be compromised by the Dirty Cow (CVE-2016-5195) exploit. You may think that the damage can be cleaned up if the compromised container is stopped and removed. However, that is not the case!
Can the Linux Stack Clash Vulnerability Affect Containers?
The recently discovered ‘Stack Clash’ vulnerability in Linux-based systems is another critical security issue like Dirty Cow, but can the stack clash vulnerability affect containers, and what could an attacker do?
MongoDB Ransomware Attacks Illustrate the Need for Both Traditional and New Security Techniques
The recently reported ransomware attacks on MongoDB are shocking not just by the sheer number of them – over 28,000 and counting – but also by how easily they were compromised.
How to Protect Against Elasticsearch Ransomware Attacks
As if it wasn’t already bad enough, the ransomware attacks on MongoDB users continue to spread and have now targeted exposed Elasticsearch clusters. Here’s how to protect Elasticsearch, one of the most popular containerized applications.
Container Network Security
Securing East-West Traffic in a Container-based Data Center
Enterprise applications moving into the cloud, either public or private, has been one of the most prominent trends in the tech industry. However, not enough attention has been paid to securing east-west (internal) traffic, especially now with containers.
WanaCry/WannaCrypt Ransomware Attacks – Could They Affect Containers?
“WannaCrypt ransomware attacks should make us wanna cry” is the CNN news headline for the world-wide ransomware attack which started last Friday (5/12). The data clearly showed that this was a very serious network attack…