HackDig : Dig high-quality web security articles for hacker

Announcing the Cloud Native Security Hub

One of the main benefits of standardized infrastructure is the ability to share application resources across entities. We are taking advantage of this with the Cloud Native Security Hub as we start to explore how to standardize cloud native security. Securing cloud native environments is a new challenge for any team trying to bring these workloads to
Publish At:2019-11-18 23:50 | Read:198 | Comments:0 | Tags:Falco falco Kubernetes Sysdig Secure Cloud

Image scanning for Azure Pipelines

In this blog post, you’ll learn how to set up image scanning for Azure Pipelines using Sysdig Secure DevOps Platform. Azure DevOps gives teams tools like version control, reporting, project management, automated builds, lab management, testing, and release management. Azure Pipelines automates the execution of CI/CD tasks, like building the container i
Publish At:2019-11-11 23:50 | Read:199 | Comments:0 | Tags:Sysdig Secure Azure Azure Pipelines falco Github Kubernetes

Multi-cluster security with Falco and AWS Firelens on EKS & ECS

In this blog post, we are going to teach you how to aggregate all Kubernetes security events across your AWS container services. We’ll be using AWS FireLens to route Falco notifications, centralizing all the security events in one service, such as AWS CloudWatch. We will: Aggregate events from any AWS container platform (EKS, ECS, Kubernet
Publish At:2019-11-11 23:50 | Read:226 | Comments:0 | Tags:Falco AWS falco Kubernetes Openshift

Understanding common library implementation

The history of successful open source tooling built on common Linux libraries, by Loris Degioanni. As Falco grows in popularity, many new users get exposed to it on a daily basis. As should be expected, most of these users are not aware of what the architecture underneath Falco is. What components play a role in powering it? How do these components relate
Publish At:2019-11-11 23:50 | Read:256 | Comments:0 | Tags:Falco

33(+) Kubernetes security tools.

Kubernetes security tools … there are so freaking many of them; with different purposes, scopes and licenses. That’s why we decided to create this Kubernetes security tools list, including open source projects and
Publish At:2019-10-18 04:35 | Read:305 | Comments:0 | Tags:Falco Sysdig Secure

How to detect Kubernetes vulnerability CVE-2019-11246 using Falco.

A recent CNCF-sponsored Kubernetes security audit uncovered CVE-2019-11246, a high-severity vulnerability affecting the command-line kubectl tool. If exploited, it could lead to a directory traversal, allowing a malicious container to replace or create files on a user’s workstation. This vulnerability stemmed from an incomplete fix of a previously disclose
Publish At:2019-10-18 04:35 | Read:267 | Comments:0 | Tags:Falco cve Detection Vulnerability

Falco in the open

One of the most successful aspects of Kubernetes is how functionally the open source community has been able to operate. Kubernetes broke itself down into smaller sections called special interest groups, which operate similarly to subsections of the kernel. Each group is responsible for a single domain, and sets its own pace. One of the most important things to a Ku
Publish At:2019-10-18 04:35 | Read:264 | Comments:0 | Tags:Falco

What’s new in Kubernetes 1.16?

Kubernetes 1.16 is almost here and it’s packed with cool new features, like ephemeral containers for easy pod debugging, support for dual-stack network in pods, many new options for the scheduler… And we are just getting started! Here is the list of what’s new in Kubernetes 1.16. Ku
Publish At:2019-10-18 04:35 | Read:195 | Comments:0 | Tags:Falco

How to detect CVE-2019-14287 using Falco

A recent flaw, CVE-2019-14287, has been found in sudo. In this blog post, we are going to show you how to use Falco or Sysdig Secure to detect any exploit attempts against this vulnerability. sudo allows users to run commands with other user privileges. It is typically used to allow unprivileged users to execute commands as root. The issue exists in t
Publish At:2019-10-18 04:35 | Read:150 | Comments:0 | Tags:Falco cve

SELinux, Seccomp, Falco, and You: A Technical Discussion

One of the questions we often get when we talk about Sysdig Falco is “How does it compare to other tools like SELinux, AppArmor, Auditd, etc. that also have security policies?” To help answer some of those questions, we thought we’d present a summary of other related security products and how they compare to Sysdig Falco. Specifically, we’ll l
Publish At:2017-01-19 23:00 | Read:5005 | Comments:0 | Tags:Uncategorized falco Sysdig Falco Info Sec

Falco 0.5.0 Now Available

Falco 0.5.0 Released. We recently released Falco 0.5.0, the behavioral security monitor. This release has a little bit of everything: new features, rule changes, and bug fixes. Here’s a rundown of the changes. New Security Monitoring Features: Usually, you’ll want your ruleset to result in few-to-no falco notifications. However, it
Publish At:2017-01-19 23:00 | Read:3988 | Comments:0 | Tags:Uncategorized falco security Sysdig Falco Info Sec

Announcing Falco 0.4.0

Falco Release 0.4.0. Yesterday we released Falco 0.4.0. It’s been a couple of months since 0.3.0, but there are lots of new features! The biggest change is greatly improved visibility into container and orchestration information when matching events against the set of falco rules. For containers, you can take advantage of new filterchecks %contain
Publish At:2016-10-25 20:15 | Read:3646 | Comments:0 | Tags:Uncategorized falco security Sysdig Falco

Announcing Falco 0.3.0

On Friday we released Falco 0.3.0. The biggest change in this release is significantly reduced CPU usage, involving changes in falco as well as the underlying sysdig libraries that falco uses: Reordering a rule condition’s operators to put likely-to-fail operators at the beginning and expensive operators at the end. This allows rules to shortcut early w
Publish At:2016-09-13 14:35 | Read:2848 | Comments:0 | Tags:Uncategorized falco infosec Sysdig Falco

Sending Little Bobby Tables to Detention

Little Bobby Tables shows us why it’s a good idea to sanitize your database inputs to avoid SQL injection attacks. In case you’re not familiar with the concept of SQL injection attacks, here’s a quick summary: Poorly written software uses a combination of a SQL statement fragment like select salary from employees where i
Publish At:2016-09-13 14:35 | Read:3253 | Comments:0 | Tags:Uncategorized falco infosec SQL Injection Sysdig Falco

