466 matches found
Container Security First Steps: Image and Registry Scanning
Learn to secure your containers with image and registry scanning. This article explores key container vulnerabilities, and how to guard against them with cloud security tools like policy-based deployment control...
Protect Kubernetes Clusters with Admission Controller
Discover the power of admission controllers. Container security can be challenging, but this article will teach you how to guard your Kubernetes clusters against threats by screening containers before they even initialize...
Shift Left: Moving Container Security into the Dev, Test, and Build Process
Learn how you can use a DevOps methodology that optimizes application deployments and provides greater security for containers. This article explains how to move security into the container creation process in the DevOps workflow...
KubeArmor - Container-aware Runtime Security Enforcement System
Introduction to KubeArmor KubeArmor is a container-aware runtime security enforcement system that restricts the behavior such as process execution, file access, networking operation, and resource utilization of containers at the system level. KubeArmor operates with Linux security modules LSMs,...
Kubernetes Security Is Not Container Security
Container-specific security I recently had an interesting discussion with Gianluca Brindisi from Spotify about the differences between Kubernetes security and container security. Typically, the discussion about container security focuses on general questions that aren’t focused on a specific...
How to Conduct Vulnerability Assessments: An Essential Guide for 2021
Hackers are scanning the internet for weaknesses all the time, and if you don't want your organization to fall victim, you need to be the first to find these weak spots. In other words, you have to adopt a proactive approach to managing your vulnerabilities, and a crucial first step in achieving...
Rapid7 Announces Kubernetes Integration General Availability in InsightVM
Rapid7 is excited to announce the general availability of our Kubernetes integration in InsightVM, our vulnerability management tool.This represents a step forward in Rapid7’s ability to provide vulnerability and remediation management capabilities for container environments. Kubernetes is the mo...
Unbreakable Enterprise kernel-container security update
4.14.35-2047.502.4.el7 - Revert 'rds: ib: Remove two ibmodifyqp calls' Sharath Srinivasan Orabug: 32715567 - uek-rpm: Update SecureBoot Digicert 2021 certificates Somasundaram Krishnasamy Orabug: 32532514 4.14.35-2047.502.3.el7 - video: hypervfb: Fix the mmap regression for v5.4.y and older Dexua...
Directory Traversal
Open Container Initiative umoci is vulnerable to directory traversal. It allows attackers to overwrite arbitrary host paths via a crafted image that causes symlink traversal when "umoci unpack" or "umoci raw unpack" is used...
4 Steps to Container Lifecycle Security
Containers and Kubernetes have revolutionized developing, deploying, and scaling applications and infrastructure. Learn best practices for security across the container lifecycle, so you can guard your containers against attack...
CVE-2021-29136
Open Container Initiative umoci before 0.4.7 allows attackers to overwrite arbitrary host paths via a crafted image that causes symlink traversal when "umoci unpack" or "umoci raw unpack" is used...
CVE-2021-29136
Open Container Initiative umoci before 0.4.7 allows attackers to overwrite arbitrary host paths via a crafted image that causes symlink traversal when "umoci unpack" or "umoci raw unpack" is used...
Design/Logic Flaw
Open Container Initiative umoci before 0.4.7 allows attackers to overwrite arbitrary host paths via a crafted image that causes symlink traversal when "umoci unpack" or "umoci raw unpack" is used...
Extending your FedRAMP Program to Container Infrastructure with the Qualys Cloud Platform
Following the recent release of the FedRAMP Vulnerability Scanning Requirements for Containers, FedRAMP-authorized systems that make use of containers have one month from March 16, 2021 to submit a plan for compliance with the new requirements. Organizations with a need to certify their services...
Women in Security Part 6: Meet Nandini De, Director of Engineering
This post is part of our Women’s History Month series - follow along with us on Twitter @VMwareCarbonBlack To conclude Women’s History Month, we are thrilled to bring you the last spotlight of our Women in Security series. It’s been an honor to highlight the outstanding women in the VMware Securi...
containers/openjdk: /etc/passwd is given incorrect privileges
An insecure modification flaw in the /etc/passwd file was found in the openjdk-1.8 and openjdk-11 containers. This flaw allows an attacker with access to the container to modify /etc/passwd and escalate their privileges. The highest threat from this vulnerability is to confidentiality, integrity,...
VMware Carbon Black Ranks Among Top 10 of 100 Cybersecurity Companies by the University of San Diego
We are proud to announce that VMware Carbon Black has been ranked within the top 10 organizations on the University of San Diego Cybersecurity Team’s annual list of the Top 100 Cybersecurity Companies of 2020. The annual list of cybersecurity companies highlights the most influential players in a...
Unbreakable Enterprise kernel-container security update
5.4.17-2036.104.5.el7 - scsi: iscsi: Verify lengths on passthrough PDUs Chris Leech Orabug: 32603379 CVE-2021-27363 CVE-2021-27364 CVE-2021-27365 - scsi: iscsi: Ensure sysfs attributes are limited to PAGESIZE Chris Leech Orabug: 32603379 CVE-2021-27363 CVE-2021-27364 CVE-2021-27365 - scsi: iscsi:...
Securing Containers and Kubernetes-Orchestrated Environments
In a recent Black Hat webcast, “Securing Containers and Kubernetes-Orchestrated Environments,” sponsored by VMware Carbon Black, guest speakers Sheila A. Berta, Offensive Security Specialist, Dreamlab Technologies and Haim Helman, CTO, VMware Carbon Black App Security, VMware Security Business...
Amazon ECS Exec Now Works with Containers in AWS Fargate
Building in containers offers amazing benefits for development teams – speed, agility, flexibility, scalability, etc...