Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

sysdig

Detecting and Mitigating CVE-2022-22963: Spring4Shell RCE Vulnerability

Mar 30, 2022 By Stefano Chierici In Sysdig

Today, researchers found a new HIGH vulnerability on the famous Spring Cloud Function leading to remote code execution (RCE). The vulnerability CVE-2022-22963 would permit attackers to execute arbitrary code on the machine and compromise the entire host.

Read Post
CloudCasa

How CloudCasa Helps Organizations Address Data Protection Weaknesses in Kubernetes

Mar 29, 2022 By CloudCasa In CloudCasa

In a recent episode of TFiR Let’s Talk, Swapnil Bhartiya sat down with Sathya Sankaran, Chief Operating Officer at CloudCasa by Catalogic, to discuss how the Kubernetes ecosystem is shifting and how CloudCasa is helping organizations address the data protection weaknesses in Kubernetes and cloud-native infrastructure and adopt these new technologies.

Read Post
armo

CVE-2022-23648 - Arbitrary Host File Access from containers launched by containerd CRI and its impact on Kubernetes

Mar 29, 2022 By Leonid Sandler In ARMO
Recently discovered vulnerability - CVE-2022-23648 - in containerd, a popular container runtime, allows especially containers to gain read-only access to files from the host machine. While general container isolation is expected to prevent such access, in Kubernetes, it is especially dangerous because well-known and highly sensitive files are stored in known locations on the host.
Read Post
sysdig

Digital Forensics Basics: A Practical Guide for Kubernetes DFIR

Mar 29, 2022 By Alberto Pellitteri In Sysdig

Containerization has gone mainstream, and Kubernetes won out as the orchestration leader. Building and operating applications this way provides massive elasticity, scalability, and efficiency in an ever accelerating technology world. Although DevOps teams have made great strides in harnessing the new tools, the benefits don’t come without challenges and tradeoffs.

Read Post

Secure your cloud from source to run

Mar 25, 2022 By Sysdig In Sysdig
Security has to change, cloud native is now. Sysdig: Secure your Cloud from Source to Run. Cloud security that avoids, that alerts, closes gaps, grants access, takes charge. That checks out, that scales up, that keeps up. That’s there From source, to run. That’s Sysdig! A single view of risk. With no blind spots. Rich context to prioritize what matters. With no guesswork. A platform based on open standards. With no black boxes.
View Video
sysdig

Detect malicious activity in Okta logs with Falco and Sysdig okta-analyzer

Mar 25, 2022 By Stefano Chierici In Sysdig

On March 22, the hacking group Lapsus$ published a Twitter post with a number of screenshots taken from a computer showing “superuser/admin” access to various systems at authentication firm Okta that took place in January this year. Okta is a platform in the #1 platform in Identity-as-a-Service (IDaaS) category, which means that it manages access to internal and external systems with one login.

Read Post
tigera

How to secure Kubernetes at the infrastructure level: 10 best practices

Mar 24, 2022 By Laura Ferguson In Tigera

Infrastructure security is something that is important to get right so that attacks can be prevented—or, in the case of a successful attack—damage can be minimized. It is especially important in a Kubernetes environment because, by default, a large number of Kubernetes configurations are not secure. Securing Kubernetes at the infrastructure level requires a combination of host hardening, cluster hardening, and network security.

Read Post

Copyright © 2026 OpsMatters™. All rights reserved.