Lucene search
+L

466 matches found

trendmicroblog
trendmicroblog
added 2021/05/18 12:0 a.m.10 views

Container Security First Steps: Image and Registry Scanning

Learn to secure your containers with image and registry scanning. This article explores key container vulnerabilities, and how to guard against them with cloud security tools like policy-based deployment control...

2.5AI score
Exploits0
trendmicroblog
trendmicroblog
added 2021/05/12 12:0 a.m.10 views

Protect Kubernetes Clusters with Admission Controller

Discover the power of admission controllers. Container security can be challenging, but this article will teach you how to guard your Kubernetes clusters against threats by screening containers before they even initialize...

3.9AI score
Exploits0
trendmicroblog
trendmicroblog
added 2021/05/06 12:0 a.m.9 views

Shift Left: Moving Container Security into the Dev, Test, and Build Process

Learn how you can use a DevOps methodology that optimizes application deployments and provides greater security for containers. This article explains how to move security into the container creation process in the DevOps workflow...

3.7AI score
Exploits0
kitploit
kitploit
added 2021/05/05 9:30 p.m.142 views

KubeArmor - Container-aware Runtime Security Enforcement System

Introduction to KubeArmor KubeArmor is a container-aware runtime security enforcement system that restricts the behavior such as process execution, file access, networking operation, and resource utilization of containers at the system level. KubeArmor operates with Linux security modules LSMs,...

7.3AI score
Exploits0References9
rapid7blog
rapid7blog
added 2021/05/03 10:36 p.m.176 views

Kubernetes Security Is Not Container Security

Container-specific security I recently had an interesting discussion with Gianluca Brindisi from Spotify about the differences between Kubernetes security and container security. Typically, the discussion about container security focuses on general questions that aren’t focused on a specific...

7.2AI score
Exploits0
thn
thn
added 2021/04/29 10:31 a.m.56 views

How to Conduct Vulnerability Assessments: An Essential Guide for 2021

Hackers are scanning the internet for weaknesses all the time, and if you don't want your organization to fall victim, you need to be the first to find these weak spots. In other words, you have to adopt a proactive approach to managing your vulnerabilities, and a crucial first step in achieving...

6.9AI score
Exploits0
rapid7blog
rapid7blog
added 2021/04/19 1:56 p.m.71 views

Rapid7 Announces Kubernetes Integration General Availability in InsightVM

Rapid7 is excited to announce the general availability of our Kubernetes integration in InsightVM, our vulnerability management tool.This represents a step forward in Rapid7’s ability to provide vulnerability and remediation management capabilities for container environments. Kubernetes is the mo...

0.9AI score
Exploits0
oraclelinux
oraclelinux
added 2021/04/13 12:0 a.m.287 views

Unbreakable Enterprise kernel-container security update

4.14.35-2047.502.4.el7 - Revert 'rds: ib: Remove two ibmodifyqp calls' Sharath Srinivasan Orabug: 32715567 - uek-rpm: Update SecureBoot Digicert 2021 certificates Somasundaram Krishnasamy Orabug: 32532514 4.14.35-2047.502.3.el7 - video: hypervfb: Fix the mmap regression for v5.4.y and older Dexua...

7.8CVSS6.9AI score0.02079EPSS
Exploits3
veracode
veracode
added 2021/04/09 7:42 p.m.31 views

Directory Traversal

Open Container Initiative umoci is vulnerable to directory traversal. It allows attackers to overwrite arbitrary host paths via a crafted image that causes symlink traversal when "umoci unpack" or "umoci raw unpack" is used...

5.5CVSS5.6AI score0.00344EPSS
Exploits0References4Affected Software2
trendmicroblog
trendmicroblog
added 2021/04/08 12:0 a.m.12 views

4 Steps to Container Lifecycle Security

Containers and Kubernetes have revolutionized developing, deploying, and scaling applications and infrastructure. Learn best practices for security across the container lifecycle, so you can guard your containers against attack...

3.1AI score
Exploits0
nvd
nvd
added 2021/04/06 4:15 p.m.31 views

CVE-2021-29136

Open Container Initiative umoci before 0.4.7 allows attackers to overwrite arbitrary host paths via a crafted image that causes symlink traversal when "umoci unpack" or "umoci raw unpack" is used...

5.5CVSS0.00344EPSS
Exploits0References3
osv
osv
added 2021/04/06 4:15 p.m.20 views

CVE-2021-29136

Open Container Initiative umoci before 0.4.7 allows attackers to overwrite arbitrary host paths via a crafted image that causes symlink traversal when "umoci unpack" or "umoci raw unpack" is used...

5.5CVSS6.7AI score
Exploits0References3
prion
prion
added 2021/04/06 4:15 p.m.16 views

Design/Logic Flaw

Open Container Initiative umoci before 0.4.7 allows attackers to overwrite arbitrary host paths via a crafted image that causes symlink traversal when "umoci unpack" or "umoci raw unpack" is used...

2.1CVSS5.4AI score0.00344EPSS
Exploits0References3Affected Software2
qualysblog
qualysblog
added 2021/03/31 3:34 p.m.40 views

Extending your FedRAMP Program to Container Infrastructure with the Qualys Cloud Platform

Following the recent release of the FedRAMP Vulnerability Scanning Requirements for Containers, FedRAMP-authorized systems that make use of containers have one month from March 16, 2021 to submit a plan for compliance with the new requirements. Organizations with a need to certify their services...

0.8AI score
Exploits0
carbonblack
carbonblack
added 2021/03/29 1:0 p.m.151 views

Women in Security Part 6: Meet Nandini De, Director of Engineering

This post is part of our Women’s History Month series - follow along with us on Twitter @VMwareCarbonBlack To conclude Women’s History Month, we are thrilled to bring you the last spotlight of our Women in Security series. It’s been an honor to highlight the outstanding women in the VMware Securi...

7AI score
Exploits0
redhat
redhat
added 2021/03/19 4:55 p.m.6 views

containers/openjdk: /etc/passwd is given incorrect privileges

An insecure modification flaw in the /etc/passwd file was found in the openjdk-1.8 and openjdk-11 containers. This flaw allows an attacker with access to the container to modify /etc/passwd and escalate their privileges. The highest threat from this vulnerability is to confidentiality, integrity,...

7.8CVSS5.7AI score0.00262EPSS
Exploits0References5
carbonblack
carbonblack
added 2021/03/19 2:0 p.m.39 views

VMware Carbon Black Ranks Among Top 10 of 100 Cybersecurity Companies by the University of San Diego

We are proud to announce that VMware Carbon Black has been ranked within the top 10 organizations on the University of San Diego Cybersecurity Team’s annual list of the Top 100 Cybersecurity Companies of 2020. The annual list of cybersecurity companies highlights the most influential players in a...

6.9AI score
Exploits0
oraclelinux
oraclelinux
added 2021/03/17 12:0 a.m.99 views

Unbreakable Enterprise kernel-container security update

5.4.17-2036.104.5.el7 - scsi: iscsi: Verify lengths on passthrough PDUs Chris Leech Orabug: 32603379 CVE-2021-27363 CVE-2021-27364 CVE-2021-27365 - scsi: iscsi: Ensure sysfs attributes are limited to PAGESIZE Chris Leech Orabug: 32603379 CVE-2021-27363 CVE-2021-27364 CVE-2021-27365 - scsi: iscsi:...

7.8CVSS0.3AI score0.02079EPSS
Exploits3
carbonblack
carbonblack
added 2021/03/16 8:15 p.m.52 views

Securing Containers and Kubernetes-Orchestrated Environments

In a recent Black Hat webcast, “Securing Containers and Kubernetes-Orchestrated Environments,” sponsored by VMware Carbon Black, guest speakers Sheila A. Berta, Offensive Security Specialist, Dreamlab Technologies and Haim Helman, CTO, VMware Carbon Black App Security, VMware Security Business...

Exploits0
trendmicroblog
trendmicroblog
added 2021/03/15 12:0 a.m.6 views

Amazon ECS Exec Now Works with Containers in AWS Fargate

Building in containers offers amazing benefits for development teams – speed, agility, flexibility, scalability, etc...

3.3AI score
Exploits0
Rows per page
Query Builder